Originally Posted by
cjermain
I got an email from a United.com email address, purportedly from the Mexico City office. The gentleman sending the email saw a reservation I have to travel to MEX, but haven't paid for. He said he could ticket it for $50 less per person than the price on the reservation (3 people). He knew my confirmation number and the price. All I have to do is call him and give him my CC info.
It seems legit. And $150 savings is not nothing. I wrote back to him (at the united.com email address) and he responded right away.
BUT... I just hate calling someone in Mexico I don't know and giving him by CC info. Thoughts?
Check the address you sent the message to in your sent messages folder. As was said above, there's a From: header that's used for display and a Reply-To: that's used when replying (at least that's how most mail clients work).
It's pretty easy to spoof e-mails, but also pretty easy to rule it out, if you can read the e-mail headers.