I'm a very suspicious person by nature, especially when it comes to email. This email (in its entirety below) landed in my inbox this morning. I'd like some help in discerning its true nature. No, I don't think I have untold riches awaiting me due to my grandfather's lost art, although he was a European immigrant, he came to NY in the early 1920's and NOT from Germany. I'm more concerned about how they got my full name & email address, and the lack of any obvious fraudulent reply addresses.
I host my company's SMTP email locally on my SBS2003 server (all patched and firewalled, double-NAT'd) and I did use my company email account early on for a couple Complainterator reports, as that is my default email address, but changed it after a few reports. That's my only account that has my full real name & company name.
Could this be a spammer messing with me? All the info in the header looks genuine, except for that originating 10.27.80.10 IP address, but I suppose that could be spoofed. Still, what would they have to gain by doing this? Could the spammers have submitted a claim on my behalf to this org? The reply address matches up to the one on the State's website, Claimsques
banking.state.ny.us . See:
Should I reply and tell them there is no claim? Delete it and move on? It all seems too "genuine" for my tastes. Along with everyone else, I'm always looking out for identity theft.
Thanks folks. Does anyone see anything here that I missed? Full message:
Dear Mr. [My real last name redacted],
Thank you for your message concerning your grandfather's art works. In order to ascertain how we can best assist you, we would be grateful if you could please provide us with some additional information. Do you know which particular art works your grandfather was able to reclaim through his export firm Steinhardter and Nortlinger and which works are still missing? Do you have any details about the missing art works such as their titles, authors, mediums and dimensions? Do you have any information regarding the loss of these art works such as whether they were seized from your grandfather's home in Germany, etc.? Lastly, do you know if your family ever filed for post-war compensation?
X-SpamPal-Timeout: Prevent
Return-path: <
[email protected]>
Envelope-to: [
[email protected] redacted]
Delivery-date: Tue, 09 Feb 2010 08:11:53 -0600
Received: from smtpmail1.banking.state.ny.us ([12.233.35.73])
by [My ISP redacted].net with esmtps (SSLv3:RC4-MD5:128)
(Exim 4.69)
(envelope-from <
[email protected]>)
id 1NeqoX-0002dB-3c
for [MyName
@MyCompany.com redacted]; Tue, 09 Feb 2010 08:11:52 -0600
Received: from banking.state.ny.us ([10.27.80.10])
by smtpmail1.banking.state.ny.us (Lotus Domino Release 6.5.3FP1)
with ESMTP id 2010020909123321-129156 ;
Tue, 9 Feb 2010 09:12:33 -0500
In-Reply-To: <F3ECD9C5E9A21C4DBB9DF9CC6BC574DD24256F@[MySMTPMailserver redacted].[MYDOMAIN redacted].local>
From: Claimsques
@banking.state.ny.us
To: "[My Real Name redacted]" < [
[email protected] redacted]>
Subject: Re: lost artwork
MIME-Version: 1.0
X-Mailer: Lotus Notes Release 6.5.1 January 21, 2004
Message-ID: <OF419E10B9.CC2A6B6C-ON852576C5.004D4DE9-852576C5.004E0D62@banking.state.ny.us>
Sender: Rebecca.Friedman
@banking.state.ny.us
Date: Tue, 9 Feb 2010 09:11:42 -0500
X-MIMETrack: Serialize by Router on Dom4NYC1/NYSBD(Release 6.5.3FP1|December 15, 2004) at
02/09/2010 09:11:42,
Serialize complete at 02/09/2010 09:11:42,
Itemize by SMTP Server on DOMNYC1BK/NYSBD(Release 6.5.3FP1|December 15, 2004) at
02/09/2010 09:12:33 AM,
Serialize by Router on DOMNYC1BK/NYSBD(Release 6.5.3FP1|December 15, 2004) at
02/09/2010 09:12:42 AM,
Serialize complete at 02/09/2010 09:12:42 AM
Content-Type: multipart/alternative; boundary="=_alternative 004E0D5F852576C5_="
X-Spam-Status: No, score=-0.7
X-Spam-Score: -6
X-Spam-Bar: /
X-Spam-Flag: NO
X-SpamPal: PASS
This is a multipart message in MIME format.
--=_alternative 004E0D5F852576C5_=
Content-Type: text/plain; charset="US-ASCII"
Dear Mr. [My Real Last Name redacted],
Thank you for your message concerning your grandfather's art works. In
order to ascertain how we can best assist you, we would be grateful if you
could please provide us with some additional information. Do you know
which particular art works your grandfather was able to reclaim through
his export firm Steinhardter and Nortlinger and which works are still
missing? Do you have any details about the missing art works such as
their titles, authors, mediums and dimensions? Do you have any
information regarding the loss of these art works such as whether they
were seized from your grandfather's home in Germany, etc.? Lastly, do you know if your family ever filed for post-war compensation?
Sincerely,
Holocaust Claims Processing Office
New York State Banking Department
--=_alternative 004E0D5F852576C5_=
Content-Type: text/html; charset="US-ASCII"
<br><font size=2 face="sans-serif">Dear Mr. My Real Last Name [redacted],,</font>
<br>
<br><font size=2 face="sans-serif">Thank you for your message concerning
your grandfather's art works. In order to ascertain how we can best
assist you, we would be grateful if you could please provide us with some
additional information. Do you know which particular art works your
grandfather was able to reclaim through his export firm Steinhardter and
Nortlinger and which works are still missing? Do you have any details
about the missing art works such as their titles, authors, mediums and
dimensions? Do you have any information regarding the loss of these
art works such as whether they were seized from your grandfather's home
in Germany, etc.? Lastly, do you know if your family ever filed for
post-war compensation?</font>
<br>
<br><font size=2 face="sans-serif">Sincerely,</font>
<br>
<br><font size=2 face="sans-serif">Holocaust Claims Processing Office<br>
New York State Banking Department<br>
</font>
--=_alternative 004E0D5F852576C5_=--
I researched the message text, as well as keywords which might lead to previous scams, but all I found was obvious 419-style "YOU HAVE $$$ WAITING FOR YOU!" types of emails from the same agency with @yahoo email addresses. Any & all input invited. If I failed to redact any personal info, mods, please feel free to edit accordingly.
Thanks again.
Posted: Tue Feb 09, 2010 1:59 pm 
