Re: Why would anyone tolerate this?
Back in the old days, I was astounded at the number of blatantly obvious scams that people fell for in email.
But that is the method they use. They are after the unsophisticated people.
If you know to look at your mail headers when you get an email from Bill.Gates@microsoft.com, to see that none of the "Received:" headers include any routing through any microsoft.com domains, and can see the "Return-Path" header is to a completely different email address than From, well, they don't want you. In fact, they make it easy to see because they are actively trying to avoid you.
This, of course, doesn't apply to spear-phishing attacks, that is a different class entirely.
Biting the hand that feeds IT
