Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How can I zip an email to forward it to spoof at paypal without opening it?

  • 4 replies
  • 1 has this problem
  • 5 views
  • Last reply by sfhowes

more options

Spam email says I've made a payment via PayPal and has some of the numbers of my credit card. Neither PayPal or my bank account shows this payment as having been made. The email asks me to reply to them if I did not make this payment. (which I did not.)

(I have not opened the email, I read the contents via View>Message Source.)

I've tried to forward the entire email as an attachment to spoof at paypal but they've sent it back and want it zipped.

I'm using Win 7, tried right clicking on the file to send it to a zip folder but I don't have that option right clicking in Thunderbird.

How can I zip this email so PayPal will take a look at it?

thanks

Spam email says I've made a payment via PayPal and has some of the numbers of my credit card. Neither PayPal or my bank account shows this payment as having been made. The email asks me to reply to them if I did not make this payment. (which I did not.) (I have not opened the email, I read the contents via View>Message Source.) I've tried to forward the entire email as an attachment to spoof at paypal but they've sent it back and want it zipped. I'm using Win 7, tried right clicking on the file to send it to a zip folder but I don't have that option right clicking in Thunderbird. How can I zip this email so PayPal will take a look at it? thanks

All Replies (4)

more options

If you viewed the source, you have in fact opened the message, but to zip the message, just right-click it, Save As..., and select the destination folder for the eml file. Then, in Explorer, add the file to a zip archive and attach the zip file to a message.

more options

[quote]If you viewed the source, you have in fact opened the message/quote

Really? I've done that for years thinking it was a safe way to see if an email was safe to open or not. I've always thought of it as the very best reason to use Thunderbird.

IS there a way to see if an email is safe or not?

I received one supposedly from my own son but both the sender and the subject names were his name, so I checked it out via View>Message Source, thought it looked suspicious, called him and he had not sent it.

Someone had gotten into his email addresses somehow. I recognized names of other relatives and called them to warn them not to open it but their virus protection programs had eliminated it.

I followed your instructions and managed to send this email to spoof at paypal, but by doing so I could read the message, so apparently going through that opened it too.

I've just run a virus scan on my machine. Supposedly OK.

Now I suddenly feel like I should never open any email, ever again. This is disheartening.

more options

Opening email is not in itself especially dangerous. Well, this is true in Thunderbird; in other mail clients, which run scripts, you are more exposed and vulnerable to bad content.

Clicking on stuff you find inside email messages is dangerous. Don't do that and it's hard to see how viewing a message can cause your computer any harm. I guess one advantage of viewing the source of a message is that the viewer doesn't render URLS etc as clickable links. But for that source viewer to work, the message has already been parsed and loaded into memory. I don't know how one could consider that not to be equivalent to "opening" it, whatever you think that means.

Viewing when offline, or with html disabled defeats the "phone home" webbugs that track your reading of the message, but these in themselves can't do anything to your computer.

more options

Besides the precautions mentioned above, download any suspicious attachments to a location outside of TB and scan them with an anti-virus program (or upload them to a site like virustotal.com). Merely allowing a malicious file to be stored on your computer does not make it destructive - as long as you don't open or launch it.

Don't click on an email link if you're unsure of its validity. The reason they're called "trojans" is because they require the victim to voluntarily initiate the cause of his own calamity.

For the purposes of public email, shopping etc. consider using a Gmail, Hotmail/outlook etc. address, as these services automatically scan email, disable remote images and clickable links, and do a good job of filtering spam.