Jump to content
Sign in to follow this  
GFPhelps

Phishing E-Mail Enhancement

Recommended Posts

I recently received a phishing e-mail, allegedly from Washington Mutual. I was disappointed to see that when SpamCop processed the e-mail, that there was no automatic report to be sent to the security department at Washington Mutual, i.e., to e-mail address spoof[at]wamu.com, as disclosed on the Washington Mutual web site.

I sugggest adding this as a SpamCop enhancement.

Share this post


Link to post
Share on other sites

Discussed much in a number of other places. The basic problem is that these other outfits can't seem to agree on a standard address, some don't want to be bothered, some go with that the first 100 notifications are enough, etc. etc. etc.

Then one gets into that the SpamCop parser isn't looking at "content" .. but you are asking for a "judgement call" on the visibility of a URL within a submittal.

You might wish to feed your discovered reporting address and the URL it was found on to Marjolein, owner of the Ban-spam page, linked to from the Forum FAQ.

Share this post


Link to post
Share on other sites
I recently received a phishing e-mail, allegedly from Washington Mutual.  I was disappointed to see that when SpamCop processed the e-mail, that there was no automatic report to be sent to the security department at Washington Mutual, i.e., to e-mail address spoof[at]wamu.com, as disclosed on the Washington Mutual web site.

I sugggest adding this as a SpamCop enhancement.

23580[/snapback]

...Although not exactly what you request, see thread "Additional reporting?, Stock picks, piracy, viagra".

Share this post


Link to post
Share on other sites
Discussed much in a number of other places.  The basic problem is that these other outfits can't seem to agree on a standard address, some don't want to be bothered, some go with that the first 100 notifications are enough, etc. etc. etc.

23588[/snapback]

The following was reported in The Washington Post as a place to report Phishing:

Anti-Phishing Working Group, http://www.antiphishing.org/

I have not received any phish bate lately (don't tell any one!) but looking at their web page it looks like the right place to report. They have the same reporting requirements as spamcop (email attachment with full header etc.). They appear to ask for all reports so figured I would add <reportphishing[at]antiphishing.org> to the TO: list.

If (when) I get some phishing spam I will report any blow back.

Share this post


Link to post
Share on other sites
I had added that URL to the Forum FAQ eons ago <g>

26253[/snapback]

That's good to know. I will take it as an endorsement, you never know who paid the guy at the Post. My luck , i've read 25778 entries and missed the one ... <g> Corporate memory is good.

Share this post


Link to post
Share on other sites

I was rather astonished to see, when I reported a PayPal phishing scam, that spoof[at]paypal.com was one of the reporting addresses listed. Perhaps PayPal asked that it be added? In the past, I've added that address myself.

Share this post


Link to post
Share on other sites
I was rather astonished to see, when I reported a PayPal phishing scam, that spoof[at]paypal.com was one of the reporting addresses listed.  Perhaps PayPal asked that it be added?  In the past, I've added that address myself.

28041[/snapback]

...This has happened to me, as well (although not recently). I presumed it was because a PayPal-controlled web server was referenced in the body of the spam, perhaps to retrieve the PayPal logo or something....

Share this post


Link to post
Share on other sites
...I presumed it was because a PayPal-controlled web server was referenced in the body of the spam, perhaps to retrieve the PayPal logo or something....

That is correct. The phishers (phishermen?) reference the paypal wabpage for logos, as well as in the fine print "help", "security/privacy", "contact use" and other non-phishing pages to make the email look real.

I like you send the original email to spoof[at]paypal.com and reportphishing[at]antiphishing.org in addition to [at]spam.spamcop.net

Share this post


Link to post
Share on other sites
I like you send the original email to spoof[at]paypal.com and reportphishing[at]antiphishing.org in addition to [at]spam.spamcop.net

28457[/snapback]

Please see the second paragraph of my posting http://forum.spamcop.net/forums/index.php?...indpost&p=27444 concerning revealing your confidential submit address at spam.spamcop.net. Thanks!

Share this post


Link to post
Share on other sites
Please see the second paragraph of my posting http://forum.spamcop.net/forums/index.php?...indpost&p=27444 concerning revealing your confidential submit address at spam.spamcop.net.  Thanks!

28489[/snapback]

Yes I read you post last month <g>. And yes you are correct, I should have been explicit about using Bcc: with [at]spam.Spamcop.net. I just "assumed" every one else has read and remembers all posts <g>.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×