Guest art101 Posted December 8, 2004 Share Posted December 8, 2004 If this is covered elsewhere, please excuse the duplication and point me to an appropriate thread. Couldn't find anything directly related to this issue when searching the forums. Nestled among about 50 held mails this morning, I received two obvious phishing attempts pretending to come from Sun Trust. I reported the rest of the spew with Quick reporting, but singled these phishing attempts out for special attention. Since I'm not even a Sun Trust customer, that was my first clue that something was fishy, so to speak. Anyway, they were in my SpamCop "held mail" folder and I reported them using the "Queue for reporting (and move to trash)" popup. The first one was parsed just fine and I reported it. The second one ran into a slight bog. The body was identical to the first and included a link to a fake Sun Trust website. But the report said "no links found." Since the first report parsed the link, I was a bit confused. Instead of reporting it, I backtracked to the beginning and refreshed the report. This time, the parsing was fine and the link was properly listed. Does anyone know why this may have happened? The only obvious difference I see between the two is that the email appears to have originated on a different server. The tracking URLs are listed below. The second link is the one that originally didn't parse correctly. Thanks. http://www.spamcop.net/sc?id=z700540786zce...6d6ad5b23dedf1z http://www.spamcop.net/sc?id=z700540788z59...77301814a0bb24z Note to others who receive similar "Sun Trust" phishing attempts: I called the toll free fraud alert number on the Sun Trust website. The rep I spoke with said they wanted copies of any similar reports sent to abuse (at) suntrust.com - so consider adding that address to any reports you file. Obviously, you'll want to use the "[at]" symbol in the address... I wrote it out this way to help keep it from being harvested by spider bots. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.