Thanks Jim.
and:
In the email program, look at "headers." Headers are not the from: to: CC: Bcc: line, but the hidden information in the email that traces the email and tells it where to go. You start from the bottom and read up to the top. You will ind addresses in there that are not your bank.
Also, one of the drop down menus will have a "view page source" and you can look at the email in a different view. Look for the link that was in the email, and you should see an added piece of information that is not viewable in the actual email format, only in page source view.
Whenever you forward an email to the abuse people you should send it in the full header format. It does them no good to just received an email that has been forwarded in the typical email format.
This is what a "LONG HEADEER" format looks like: (very technical. I changed some email addresses for safe reasons, but the IP's are still good. this is what the abuse people need. see my other comments below this.)
From: ING DIRECT
Subject: Hi, hey and hello from We, the Savers.
Date: March 17, 2011 8:25:31 PM CDT
To:
someone@SBCGLOBAL.NET
Reply-To:
saver@ingdirect.com
X-Apparently-To:
someoneelse@sbcglobal.net via 68.142.199.167; Thu, 17 Mar 2011 18:50:30 -0700
X-Yahoofilteredbulk: 98.139.91.83
Received-Spf: softfail (mta1029.sbc.mail.sp1.yahoo.com: domain of transitioning
saver@ingdirect.com does not designate 98.139.91.83 as permitted sender)
Received-Spf: pass (mta1048.sbc.mail.sp1.yahoo.com: domain of
saver@ingdirect.com designates 63.113.210.126 as permitted sender)
X-Ymailisg: M5SbEhMcZApOHhPPHKcskguwtEOGDDMRT0GxaJvB19J0weQS 7idck0SglTLhFzZo2MKUqC8RislZAlv1Ie7cxCgh83ZSfZJqMc 2zW.L6kp6d EJmOIG3qS55UjVdvix0hLI1DYXW7FB6AWO1MYjLKxOPchTl4o. o6griflwlw Yy2j.yuGEu5_qHkCiiEh6g2xAaN0q3naBXjFLdP1OUhXq.lIfR n3JVQ3Qlhp C4.TfO.aQqlw.fYCiWo3MwkvWmulCnNOZB_R3IJ4U3jRufLd_a h3p_XKdGA4 GNaa7qPHtT9lQk5UjrBgLh5y8ZUhEQUXabL2erqGR42Wh07xUc kiwMyAkceF ARSJ8g9aNvsWQeRN2Z1o17_wFAVp8PaKBkYNbWgdXZGJYsFVDF nkqGM0NUPr n9DFg3Ls2gjtSkOzxXJ_pbkuBR.ErXKEDFb3HZ7Mm2CMI16J8J ExWDlREijW C.qYtFiApNE3aTvG0mBnLB8roJxFldOH8e278Gd1IA8Ugq5a7L SxKkRER0Qh hDeV.CfZ5f3d6VmGDmwk1Cv4jABBt4DdU3ISSWKTvI5X_S9MD. C16Ms-
X-Ymailisg: n5ibotIcZAoyPMBcXJxHTyzWdLr6U8uGHD2u23E.UwipKTRL RkUIGdTc7a1369o7GNL5OYne7KVc4kLW2OVy65GZO5vy73oXZG 7xq_PfL_1S 51YqlRgpz2_EpN6mmDHEAKY6H8kgkYXyacB4ksNRt.s0huIIGR VOt1iW7GhA xWOWU4p8qUFdkOP7iUFndtFLWaM1_dtoa3CxA54KPIkAvy4ynI wSIjxHQV65 IVGcw6QRldQY7vZPCBWxQkoe8SnqBn8OGnc2oC769TvMZ38jbN _EHrrsNAE6 4zAIR3FisObaDdFzE9I.sF.jv0kQKU2YRKcAKM58WvsluyXDCK RKHuM3XlOP CTltL3zPJUCoFhtHYF7RouiC81VmFmcJv6E8y3nM3GH4O2Cy4R P4RHCwS6at reUCO7y38.lkDnM6JfaZ9noZpspACPqpb3Om6P2glUJuDRmU.4 4K4.CNVZRj UNeb3e6_hP3QdmBWd_kurDrTr05s2Yjmnc6GmYtGtSi4JJHwu2 xOAZm4c0wy J_zw7_7pzYYXJH7OowXkkA--
X-Originating-Ip: [98.139.91.83]
X-Originating-Ip: [98.139.91.83]
X-Originating-Ip: [63.113.210.126]
X-Originating-Ip: [63.113.210.126]
Authentication-Results: mta1029.sbc.mail.sp1.yahoo.com from=ingdirect.com; domainkeys=neutral (no sig); from=yahoo.com; dkim=permerror (bad sig)
Authentication-Results: mta1048.sbc.mail.sp1.yahoo.com from=ingdirect.com; domainkeys=neutral (no sig); from=ingdirect.com; dkim=neutral (no sig)
Received: from 207.115.36.55 (EHLO nlpi183.prodigy.net) (207.115.36.55) by mta1029.sbc.mail.sp1.yahoo.com with SMTP; Thu, 17 Mar 2011 18:50:30 -0700
Received: from nm13.bullet.mail.sp2.yahoo.com (nm13.bullet.mail.sp2.yahoo.com [98.139.91.83]) by nlpi183.prodigy.net (8.14.4 IN/8.14.4) with SMTP id p2I1oSpK001345 for ; Thu, 17 Mar 2011 20:50:29 -0500
Received: from [98.139.91.64] by nm13.bullet.mail.sp2.yahoo.com with NNFMP; 18 Mar 2011 01:50:28 -0000
Received: from [98.139.91.58] by tm4.bullet.mail.sp2.yahoo.com with NNFMP; 18 Mar 2011 01:50:28 -0000
Received: from [127.0.0.1] by omp1058.mail.sp2.yahoo.com with NNFMP; 18 Mar 2011 01:50:28 -0000
Received: (qmail 37505 invoked by uid 6007); 18 Mar 2011 01:50:28 -0000
Received: from 63.113.210.126 (EHLO nlpi166.prodigy.net) (207.115.36.38) by mta1048.sbc.mail.sp1.yahoo.com with SMTP; Thu, 17 Mar 2011 18:50:28 -0700
Received: from BULK6.ingdirect.com (bulk6.ingdirect.com [63.113.210.126]) by nlpi166.prodigy.net (8.14.4 IN/8.14.4) with ESMTP id p2I1m9HV002575 for ; Thu, 17 Mar 2011 20:50:27 -0500
X-Yahoo-Newman-Id:
235228.61382.bm@omp1058.mail.sp2.yahoo.com
Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1300413028; bh=cuU7YJOjqoyhmTpLbQr4PxYaeiTSG2uXitAggc2xtOQ=; h=X-Yahoo-Forwarded:Return-Path:Received-SPF:X-YMailISG:X-Originating-IP:Authentication-Results:Received:X-Originating-IP:Received:Message-ID:Subject:Sender:From
ate:To:Reply-To:X-Priority:MIME-Version:X-Mailer:X-##MessageLogID:Content-Type; b=HO6Cs2olgJTQwWHV3T5akzMuWBmisFauSDprEVQ701OPRERu 9mN2k23S9sJ4OAa9/tKg3tZRWk1ZW6MinMzE4II0WThlZ04SFbKAUq5K+AXZRDgu/UEqzNNKlfB4915uXW0i+W4f5R09SVZGpcUNpmBahBpXwskb0CP p0ZGfdWA=
X-Yahoo-Forwarded: from
someone@sbcglobal.net to
someoneelse@sbcglobal.net
Message-Id:
Sender: "ING DIRECT"
X-Priority: 0
Mime-Version: 1.0
X-Mailer: JMail 4.3.1 by Dimac
X-##Messagelogid: 675276513
Content-Type: multipart/alternative; boundary="--NEXT_BM_5E74AE05718C40D487299A0DAC68B3A3"
=====================
That is what a long header looks like, so when someone tells you to send the headers, that is what they are expecting, not just the email header you see in you email program.
About 99.99% of all companies have an abuse program. Their typical email address is:
abuse@(domain name). In my case it would be
abuse@sbcglobal.net. If you are AOL it would be
abuse@aol.com. You should receive a canned email back from them, and possibly a follow up later on.
Please, do report scams this way. It will help cut down on abuse.
That is the one thing that I like about the MAC Mail program. There is a little button I can click on that says, "Bounce." It sends the email back to the sender as if I do not exist. It has cut down on my email clutter considerably.
Good luck.
Edited: p.s., never click on a link you have not identified as one you want to go to. One of the firefox benefits is the add-on Web Of Trust (WOT) that warns when a web site is not trustworthy. I you are using Firefox I highly recommend it, along with Norton's Internet Security.