Emails with Faked From-Addresses
Re: "The malicious email, which posed as a message from the Facebook security team"
Here at 1USA.Com, our mail servers check to make sure that the From-Address, Mail-From address, Return-Path address and Reply-To address are legitimate for the mail server that's sending the email, and that the IP address of the sending mail server resolves.
As a result, our 1usa.com customers get no spams in their In-Box... unless they invite them in.
There are protocols to determine if an email is legitimate or not. One is called SPF and the other one that's used by Gmail, Hotmail and Yahoo is called Domain Keys.
Just having a Domain Key in the header of an email does not indicate that the email is legitimate though.
1USA.Com has this wonderful mail server that stops spams... but most people would rather go get a 'free' throw-away email account from some other mail server host, then gripe when their bank account is cleaned out. Maybe they need to take Email more seriously... and switch their email service.
Reading PA USA