cherrick Posted November 11, 2009 Share Posted November 11, 2009 What do you suggest? When I get those phishing emails claiming to need my SpamCop uid and pwd, is there any reason not to respond by hitting Reply and sending them bogus names and passwords and lots and lots of embedded curse words. And I do mean lots and lots. Currently, I carefully report the incoming phish as spam and then quietly delete the email. However, it would give me huge pleasure to know that out there some phisher is opening my email and turning red in reaction to my rage. Thoughts? Link to comment Share on other sites More sharing options...
SpamCopAdmin Posted November 11, 2009 Share Posted November 11, 2009 is there any reason not to respond by hitting Reply and sending them bogus names and passwords and lots and lots of embedded curse words.The return address on spam is almost universally either fake or forged. If you reply, you will be sending your rage to an innocent bystander, not the spammer. Your replies to fake email addresses will generate a Delivery Failure Notice, which will add even more unwanted email in your Inbox. - Don D'Minion - SpamCop Admin - . Link to comment Share on other sites More sharing options...
cherrick Posted November 11, 2009 Author Share Posted November 11, 2009 Why would a phisher send an email asking for uid and pwd and then set a fake Reply-To? Link to comment Share on other sites More sharing options...
turetzsr Posted November 11, 2009 Share Posted November 11, 2009 Why would a phisher send an email asking for uid and pwd and then set a fake Reply-To?...Aren't phishes normally requests to enter uc and pw into a (fake) web page, not to send the uc and pw via e-mail? Link to comment Share on other sites More sharing options...
cherrick Posted November 11, 2009 Author Share Posted November 11, 2009 ...Aren't phishes normally requests to enter uc and pw into a (fake) web page, not to send the uc and pw via e-mail? Not the ones I receive. Here is the content of the most recent phish: >>>" Attention spamcop.net Account holder, This message is from the Database Information Technology service messaging center, to all our e-mail account holders. All Mailhub systems will undergo regularly scheduled maintenance. Access to your mailbox via our mailportal will be unavailable for some period of time during this maintenanceperiod. We shall be carrying out service maintenance on our database and e- mail account center for better online services. We are deleting all unusede-mail accounts to create more space for new accounts. In order to ensure you do not experience service interruptions/possibledeactivation Please you must reply to this email immediately confirming your spamcop.net email account details below for confirmation/identification 1. First Name & Last Name: 2. Full Login Email Address: 3. Username & Password: 4. Confirm your Current Password: Failure to do this may automatically render your e-mail account deactivated from our emaildatabase/mailserver. to enable us upgrade your email account, please do reply to this mail. Thanks. Upgrade Team " <<<< Note the "reply to this email" Link to comment Share on other sites More sharing options...
Farelf Posted November 12, 2009 Share Posted November 12, 2009 ...Note the "reply to this email"Chris, goodness knows what grief you might be letting yourself in for, if you reveal yourself to be 'responsive'. The usual advice is, "Never make eye contact," as it were. If you want to do something a little more proactive and if you're sure the return address is part of the phish, you can add the abuse address for the mail service to your user-defined/specified reports. A recent topic in which this was discussed is http://forum.spamcop.net/forums/index.php?showtopic=10653 You can get the abuse address by entering the email address (only) in the submission form at your SC member's page. You should probably add a note to the report specifying the address and stating that it is the 'drop box' part of the phishing attempt indicated in the report. Providers are often slow on the uptake, or profess to not understand, when the 'abused' address is not actually the (real) sending address (there are many rants in these pages about hotmail, yahoo, etc.) so a user-defined report might not quite cut through the fog. Be aware that the mail provider abuse address obtained from the SC 'parse' procedure may/could be a specific reporting address for SC reporting use (usually specifying 'spamcop' in the address). If so you should not use it for manual reports (generally another option) - only use any such address for the user-defined reporting address as part of the SC reporting process as described. You can check the success (or otherwise) of the takedown of the 'dropbox' by using one of the email validators discussed at http://forum.spamcop.net/forums/index.php?showtopic=10663 (the Hexillion one is barred by hotmail and probably only a matter of time before the ipaddresslocation.org one is too). You might save yourself the bother and accept that, sooner or later, you are probably going to get sick of the extra effort (so why not sooner?). Yet it has the potential to do some good and I can only applaud your endeavour if you do go ahead. HTH Steve Link to comment Share on other sites More sharing options...
Miss Betsy Posted November 12, 2009 Share Posted November 12, 2009 IMHO, It is worthwhile, if you have time, to report the 'drop boxes' if you are sure the ISP is not the spammer. It does not do much good to contact the spammer who may target you for various kinds of retaliation. Miss Betsy Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.