Email

Mail.ru substitution of the from field, how is it possible and who is to blame?

Hello.
The other day (August 4) I received a letter to the post office (mail.ru). Sender - [email protected] Looked - they have such an address and it is used. In a non-personalized letter (dear client...) they were informed that the card was blocked due to high activity. To unlock, they asked to send a photo of the card on both sides and the main page of the passport.
After thinking, I decided that it looks like nonsense, because. Sber usually calls and is unlikely to ask for such information. I called the Sberbank, described the situation (apparently it was the "first line"), they transferred it to a "specialist". While describing the situation to a specialist and at his request, he spelled the address, pressed answer and saw a completely different address in the response form. I told the address to a specialist, he thanked for his vigilance, advised me to check for viruses and not send anything.
Malicious software I exclude - tk. a similar situation on the home and work PC and on the phone.
The next day I created a ticket in mail.ru, where they also thanked me and did not explain anything. Most likely they just closed the ticket.
I would like to understand on whose side the vulnerability is and how to get through to this side. It seems that mail.ru, but I'm very bad at information security - I could be wrong. And it’s not in vain that I worry so much whether my thoughts are justified that this is not a minor problem and requires a quick response.
Thank you!
Update:
From the answers it is clear that this is not a vulnerability and I panicked in vain. Thanks again everyone!