[xoa]

>The username on the domain doesn't matter, only the domain itself.

Of course it matters if it means that it wasn't actually sent from the domain in the first place and there were no "hacks" involved. You said "emails sent from your domain..." but you do know the "From" address in standard email is utterly meaningless from a security perspective right? You can just

  sendmail -f any.address@example.com any.target@example2.com < email.txt

and that's it. There are ways to mitigate that these days and someone can always examine the headers of something suspicious but a lot of older desktop clients and mailservers won't.

Your entire (dubious and uncited) assertion rests on an assumption that it was in fact "sent from their domain". If someone forged it instead then it doesn't even get into law at all, OP simply had nothing to do with it period. Their account wouldn't have been hacked, neither they nor their kit would have any involvement.

[dkersten]

Additionally, it could very well be that one of the letters in the domain name looks like but isn’t one of the normal English ascii characters. I’ve seen scans like this before — they are visually indistinguishable (or extremely close to, eg I’ve seen one that had a tiny dot above the character it was mimicking) from the real thing, but are a completely different Unicode character.

But if you don’t check the email headers, emails are easy to spoof, hell, I did it when I was a kid...

[Alex3917]

> but you do know the "From" address in standard email is utterly meaningless from a security perspective right?

That would be the argument as to why the domain owner would have a duty of care when also using the domain to send legitimate business email. Again I'm not saying there is a duty of care here, I'm just saying that it's not obvious to me that there isn't one.