Anonymous KH asked:

Is this email genuine or not?

Dear Experts,

I was tasked to find out if this email is genuine or not.

I tried to send a test mail to both email addresses, my boss was not happy about that.

I did an nslookup and got the following info:

maybank.com     MX preference = 10, mail exchanger = ms2.maybank.com
maybank.com     MX preference = 15, mail exchanger = ms2.maybank.com.my

ms2.maybank.com internet address = 202.162.18.190
ms2.maybank.com internet address = 202.162.18.110
ms2.maybank.com internet address = 202.162.18.191

ms2.maybank.com.my      internet address = 202.162.18.110
ms2.maybank.com.my      internet address = 202.162.18.111
ms2.maybank.com.my      internet address = 202.162.18.190
ms2.maybank.com.my      internet address = 202.162.18.191

What other methods can I use to check and confirm if the email sender is genuine or not?
Alan

Why don't you just call them and ask?

Alan.
The simplest solution is often the best
Source IP:
VADS IP Administrator
VADS Bhd, Internet Service Provider
Kuala Lumpur, Malaysia
phone: +6-03-7192729 ext 7197
fax: +6-03-7182584

Is that your Bank?  Likely not so delete the email straightaway.
Dr. Klahn

Ask your accounting department if your company has a business relationship with that company.  If not, then the answer is no.

Anybody can register a domain for $10.  The fact that the DNS resolves correctly means nothing.

For what it's worth, there is so much spam coming from Malaysia that I block the entire country on my server using GeoIP.
I think you know this is spam, but also put in a good top notch spam filter to stop this and ransomware as well.
Anonymous KH

ASKER

Hi,

The email is genuine, I just do not know how to find out that it is genuine without sending a test email or calling them.
It did not seem genuine from here, but if you believe it is, you would need to confirm with the sender.
Hi,

The idea is to check that the email is genuine without alerting the sender that a check was done.
You have to look at the content and determine. I get email from clients and I can tell instantly it is genuine. So you should be able to do the same.
Resolved by my boss. I still have no idea how to check and identify if the same issue arises again, sigh...
There are so many ways to send and hide / obfuscate emails that all you can do in the above circumstance is wait and see if it occurs again.

If you do not know the sender, and are the least bit uncertain, delete immediately.
Hi! John,

Deleting is easy but as this is our customer’s email we will be in trouble if the email is genuine as the recipient’s email is not shown.
I have not seen good email where the recipient's email is not shown. All recipients not shown end up in my spam filter.
It is either bcc or they use something called "undisclosed recipients"
If that is the case, then you need to look at the email and determine. Beware of simple links, and if otherwise it is just text and looks sensible, then it should be fine.

But even BCC (I get these), you will also know who sent it.
Hi! John,

This is what I saw in the icebox when the client received the email in question

The history (bottom half) looks fine.

If the sender is your bank, then OK.

I am not sure what else to say. If the sender is known to you and there are no viruses or other indication of issues, then you are good to go.
This is what my boss saw but he wants me to do some investigation to check that the email sender is genuine as we are managing the spam emails for my client.

I can say the email is genuine but on what grounds is the email genuine, my boss will ask.
It is content, and now with the information you have provided, only you can make the decision. You say you know the sender and the content is good. Only you can now make the decision.
ASKER CERTIFIED SOLUTION
Alan

This solution is only available to members.

If the sender is known (as said), and is there in the headers, that goes a long way to proving legitimacy. From there it is a content review.
Sender names can be easily spoofed - easy to get caught out by that if you aren't aware.

Alan.
That is why content review is important. Also, if spoofed, the spam filter should trap it
Hi! Alan,

Thanks for the advice, I will keep that in mind when my boss asks me to verify another genuine email.

Thanks.
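
A passive check of the kind asked about in this thread, as an added example that is not part of the original posts: it reads only the headers of the message as received, so nothing is sent to the sender. The header block is constructed, and `trusted_mx` (the name of the recipient's own receiving server) is an assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers, not taken from the thread. All names and
# addresses are documentation placeholders (example.*, 198.51.100.0/24).
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.recipient.example;
 spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=bank.example
Received: from mailer.example.net (mailer.example.net [198.51.100.7])
 by mx.recipient.example; Mon, 1 Jan 2024 10:00:01 +0800
From: "Bank Example Customer Care" <service@bank.example>
Reply-To: payments@lookalike.example
To: undisclosed-recipients:;
Subject: Payment advice

(body omitted)
"""

def domain(value):
    """Domain part of an address header, lower-cased ('' if absent)."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def review(raw, trusted_mx="mx.recipient.example"):
    """Passive review; trusted_mx (assumed name) is the recipient's own server."""
    msg = message_from_string(raw)
    from_dom, findings, auth, src_ip = domain(msg["From"]), [], {}, None
    # The display name is free text, so compare domains instead. A mismatch is
    # a lead to explain (bulk senders use bounce domains), not a verdict.
    for hdr in ("Return-Path", "Reply-To"):
        d = domain(msg[hdr])
        if d and d != from_dom and not d.endswith("." + from_dom):
            findings.append(f"{hdr} domain {d} != From domain {from_dom}")
    # Rely only on the Authentication-Results header added by our own server.
    for ar in msg.get_all("Authentication-Results", []):
        authserv, _, results = ar.partition(";")
        if authserv.strip().lower() == trusted_mx:
            auth.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results))
    findings += [f"{k}={auth.get(k, 'missing')}"
                 for k in ("spf", "dkim", "dmarc") if auth.get(k) != "pass"]
    # Connecting IP as recorded by our server; earlier hops are sender-supplied.
    for rcv in msg.get_all("Received", []):
        if f"by {trusted_mx}" in rcv:
            m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", rcv)
            src_ip = m.group(1) if m else None
            break
    return {"from_domain": from_dom, "source_ip": src_ip, "auth": auth, "findings": findings}
```

The source IP it reports is the value to compare against what the sender's domain publishes for outgoing mail, such as its SPF TXT record. MX records like those in the question list the servers that receive mail for a domain, which are not necessarily the hosts that send it.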