Last week, one of my customers replied to an email I had sent them. The subject line read "Invoices" and the body was as follows:
Good Morning AP,
Kindly update me on payment status on the attached invoices.
Thank you.
Mark
The problem is-- I never wrote that email. I don't write like that and I never use non-descriptive one-word subject lines. The email also doesn't appear in my "sent items" either online (office.com) or in Outlook. The weirdest part is that the email had two PDF files attached-- two valid invoices which I had submitted to this customer many weeks prior-- in two totally separate emails. Other than the customer, I am the only one who has access to these files.
I asked the customer to send me the original email so I could look at the headers (attached). About halfway down, you'll notice that the message was received by "looklarson.mymailsrvr.com" and that the authenticated sender is listed as "brianeudy@looklarson.com". looklarson.com is the domain for a car dealership in Washington with which I've never had any dealings whatsoever. Further down, you'll see that the Reply-To was set to "invoiceinquiries@gmail.com". No idea who that belongs to, but a Google search turns up zero results.
Bottom line-- I am completely stumped as to how this happened and am looking for any ideas as to how to prevent it from happening again.
Thank you!
headers.txt