User profile for user: Keiichifrommd
Keiichifrommd Author
User level: Level 1
4 points

Fraudulent emails from me to myself

I kept receiving annoying fraudulent emails (seeking a bitcoin ransom) that claim to “have gained a full access to all devices used by (me) for internet browsing” by making both sender and recipient of those emails appearing as me (with my ******@mac.com account). By choosing “View>Message>All Headers,” I can easily tell that those emails are actually sent from a fraudster ************* and Mac Mail app correctly dump them into the “Junk” folder. But is there a way(s) to prevent such “sender-impersonation” in Mac Mail app? It’s annoying.



[Edited by Moderator]

MacBook Pro (M1 Max, 2021)

Posted on Oct 25, 2025 12:55 PM

Reply
Question marked as Top-ranking reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
68,508 points

Posted on Oct 25, 2025 1:01 PM

This type of scam email has been going around for years.


You obviously can't blocked the spoofed sender address since that's you, and you will stop receiving all emails to that account.


When I had to deal with these in our small business, I blocked them by using repeated phrases in the body. I'm sure they kept sending them, but their junk never reached the InBox. No idea how many were automatically killed by SpamAssassin. Likely thousands.

View in context
6 replies
Question marked as Top-ranking reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
68,508 points

Oct 25, 2025 1:01 PM in response to Keiichifrommd

This type of scam email has been going around for years.


You obviously can't blocked the spoofed sender address since that's you, and you will stop receiving all emails to that account.


When I had to deal with these in our small business, I blocked them by using repeated phrases in the body. I'm sure they kept sending them, but their junk never reached the InBox. No idea how many were automatically killed by SpamAssassin. Likely thousands.

Reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
68,508 points

Oct 26, 2025 8:56 AM in response to Keiichifrommd

Just to give you a visual of what I wrote …


This is how SpamAssassin looks when setting up filtering rules, but just apply the same idea to what you're using.


Ignore the first Spam Bar entry. This example was using a setup where an email had to match two filters before killing it.


Choose Body so the filter is looking at the body text of all incoming emails. Then use contains so the filter looks for a specific string of text. Look through a half dozen or so of these dumb scam emails and look for a line that's in every one, and definitely wouldn't be in any legitimate email. Like, I've installed a Trojan virus, and put that in the text field (where this example says SEO|seo). And finally, choose to discard any email that matches the filter.


This is how we killed all of these emails (and others). Since SpamAssassin was part of our hosting services email server, anything that was discarded never reached an InBox. For all intents and purposes on our end when retrieving mail, they never existed.


Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Fraudulent emails from me to myself

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up