*#!@ Phishers!

Kaylee (Illuminator; joined Feb 5, 2005; 4,287 messages)
Some Russian crooks tried to steal my PayPal account info twice this week. :mad:

I did all the right things -- I reported it to Paypal, my credit card company, my ISP and the FTC. The second time I even reported it to AT&T World Services and Hotmail/MSN because the fake web site was located in the USA and using AT&T as an ISP, and the real domain name was set up by someone with a hotmail address per the WHOIS database.

Betcha they try to steal my info a third time within another week. :mad:

Is there anything else that I can do? Would it help to report them to the local police (where the servers are located) also? What about the International Police? Both e-mails originated with ISPs in Russia.

It just seems the height of irony that the attempts to deal with phishing are so unorganized and ineffective. (At least it seems that way to me.) Considering how effective an RDBMS can be and how interconnected we all are, I just think we could do much better. </rant>
 
If I tried to report each phishing attempt to the level you are I'd be reporting 24/7. I've had 4 today already. If it's a slow day I do forward them to the corresponding agency's abuse e-mail, otherwise I'm sure we'd bury law enforcement if we tried reporting each one.
 
I've been very lucky, this is the first phishing attempt directed at me in a long time.

I pay almost all my bills online and except for groceries, I probably do about a third of my purchases online too. So I think the (partial) ID theft must have occurred from the club I paid my membership fee to online using Paypal. I paid them less than a week before the first phishing attempt.

I do feel like deluging everybody I can with complaints. Maybe if they got overloaded there would be an organized effective approach to this problem. Right now it honestly seems like they don't care and they are only interested in the CYA approach, and not in solving the problem.
 
It could be coincidence. I got a PayPal phishing attempt long before I ever had a PayPal account.
 
Some Russian crooks tried to steal my PayPal account info twice this week. :mad:

I did all the right things -- I reported it to Paypal, my credit card company, my ISP and the FTC. The second time I even reported it to AT&T World Services and Hotmail/MSN because the fake web site was located in the USA and using AT&T as an ISP, and the real domain name was set up by someone with a hotmail address per the WHOIS database.

Betcha they try to steal my info a third time within another week. :mad:

Is there anything else that I can do? Would it help to report them to the local police (where the servers are located) also? What about the International Police? Both e-mails originated with ISPs in Russia.

It just seems the height of irony that the attempts to deal with phishing are so unorganized and ineffective. (At least it seems that way to me.) Considering how effective an RDBMS can be and how interconnected we all are, I just think we could do much better. </rant>
Any way you could obtain a virus and send it to them as an attachment to an email reply? "Dear CitiBank - I am having trouble accessing your web site so that I can follow your instructions to update my personal information. I saved a copy of the error message in the attached file. Could you please examine it and let me know what the problem is? Thank you very much."
 
Any way you could obtain a virus and send it to them as an attachment to an email reply? "Dear CitiBank - I am having trouble accessing your web site so that I can follow your instructions to update my personal information. I saved a copy of the error message in the attached file. Could you please examine it and let me know what the problem is? Thank you very much."

That's a great idea! My hacking skills are pretty poor, but for the cause I'm willing to be a script kiddie. :degrin:
 
Sink the Phishermen!

Several ways you can fight these scum:

1. Tap on their fake "link." On the e-mail they send you, it will read as the actual address to Paypal, E-bay, or wherever. However, the link is actually a .jpg of that address...the one that comes up is invariably different from the real address. Look at the actual address line on the page you tap, and see if it matches the real address. Chances are the actual source will be Belgium, Poland, or Romania, all hotbeds of identity theft rings.

2. Study that fake e-mail. These clowns are clever at manipulating computer codes and emotions, but not at the English language. They copy each other's files, down to the graphics, complete with the original author's illiteracy. These guys are often Belgian, Polish, or Romanian, and don't speak much English. They also address the e-mail to "Dear Valued Paypal Customer," instead of your actual Paypal handle.

3. Study that e-mail's headers. These computer jerks screw up and send them to "undisclosed recipients" or the entire list they CC'd from an address disk, not to you.

4. Put a fake name and password in the "name" and "password" box. I write down "Adolf Q. Hitler" and "Eva Braun" as my name and password. They invariably take me directly to the page they really want you to go to, where they demand your entire life information.

5. Paypal and other such outfits will NEVER ask you to do such "reconfirming" of your personal details. They say so in their e-mails. If you suspect an e-mail is a fake, ignore their links, and go straight to their real entry page. E-bay frauds, for example, will send fake e-mails claiming a dispute over payment for some auction item (which you, of course, know nothing about), and demand that you clear this up immediately. But that message will not, of course, be on the real E-bay "messages" folder. If it isn't there, it isn't real.

6. Send the message's headers and links to Spamcop, and that site will translate it for you and tell you where it really came from. Then you can complain to the webserver, the routes it bounced off of, and to the government authorities about the "J. Palmer Cass." (My term for idiots)

7. Do not answer the e-mail.
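
The checks in tips 1, 3 and 6 above (displayed address versus real link target, the "undisclosed recipients" header, and the relay chain a service like Spamcop reads from full headers) can be run against the saved message source without opening the link. This Python sketch is an added example, not part of the original post; the sample message, its hostnames and the names `audit` and `LinkAudit` are constructed for illustration.

```python
import email, re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample, not a real phish: .example/.test hosts, documentation IPs.
RAW = """\
Received: from mail.isp.example ([192.0.2.10]) by mx.rcpt.example; Mon, 1 Jan 2007 10:00:02 -0000
Received: from relay.bad.test ([203.0.113.77]) by mail.isp.example; Mon, 1 Jan 2007 10:00:00 -0000
From: "PayPal" <service@paypal.com>
To: undisclosed-recipients:;
Content-Type: text/html; charset="us-ascii"

<a href="http://203.0.113.77/paypal/login.php">https://www.paypal.com/login</a>
<a href="http://login.bad.test/x"><img src="http://login.bad.test/addr.jpg"></a>
<a href="https://www.paypal.com/help">https://www.paypal.com/help</a>
"""

class LinkAudit(HTMLParser):  # flags links whose visible label disagrees with the href host
    def __init__(self):
        super().__init__()
        self.href, self.text, self.img, self.findings = None, "", False, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text, self.img = dict(attrs).get("href"), "", False
        elif tag == "img":
            self.img = True
    def handle_data(self, data):
        self.text += data
    def handle_endtag(self, tag):
        if tag != "a" or not self.href:
            return
        real = urlparse(self.href).hostname
        shown = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", self.text, re.I)
        if self.img and not self.text.strip():
            self.findings.append(("image-link", None, real))  # address shown as a picture
        elif shown and shown.group(1).lower() != real:
            self.findings.append(("mismatch", shown.group(1).lower(), real))
        self.href = None

def audit(raw):
    msg = email.message_from_string(raw, policy=policy.default)
    # Relays prepend Received headers, so the last is the oldest hop; entries
    # below the first server you trust can be forged by the sender.
    hops = re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", " ".join(map(str, msg.get_all("Received", []))))
    parser, body = LinkAudit(), msg.get_body(preferencelist=("html",))
    parser.feed(body.get_content() if body else "")
    return {"generic_to": "undisclosed" in str(msg.get("To", "")).lower(),
            "oldest_hop": hops[-1] if hops else None, "links": parser.findings}
```

Calling `audit(RAW)` reports the generic recipient line, the oldest relay address to include in an abuse report, and the two deceptive links, while the genuine help link is not flagged.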
 
Yes, it's coincidence. The phishers get lists of millions of email addresses and spam them all. It only needs a couple of hundred of the spammed 'marks' to bite, and they've made their fortune.
I get a dozen or more of these phishing emails every day. They purport to come from Ebay, Paypal, Amazon as well as every bank you've ever heard of. I just hit the "This is spam" button when I get one - there just aren't enough hours in the day to follow them up.
 
There isn't much you can do about these guys, except report them to SpamCop. 99% of this stuff comes from addresses that are on the permanent SpamCop blacklist, but sometimes you get spam from a compromised computer on a legitimate ISP and if SpamCop notifies the ISP quickly enough things can get shut down and cleaned up that much sooner. This usually means within an hour or so of your getting the spam...you then have the satisfaction of knowing that you have spared 10,000 or so little old ladies the pain of seeing this crap and possibly saved someone some money.

Sometimes you also get spam from someone violating the terms of service of a legit ISP, and those guys usually fling the offender off and charge them for the privilege, and that can be a very satisfying feeling! :D
 
Yes, it's coincidence. The phishers get lists of millions of email addresses and spam them all. It only needs a couple of hundred of the spammed 'marks' to bite, and they've made their fortune.
I get a dozen or more of these phishing emails every day. They purport to come from Ebay, Paypal, Amazon as well as every bank you've ever heard of. I just hit the "This is spam" button when I get one - there just aren't enough hours in the day to follow them up.

For those of us with less busy Inboxes I'd say it's worth the time to go to the banks\paypal\E-bay site, search for "Phishing", most times they'll have an option to forward it to their fraud dept. The quicker people do that the quicker the site gets shut down and the fewer people get scammed.
 
Several ways you can fight these scum:

4. Put a fake name and password in the "name" and "password" box. I write down "Adolf Q. Hitler" and "Eva Braun" as my name and password.

:D


Seriously, thanks for writing such a detailed response. Most of the ISPs, credit card companies and major online vendors don't provide this info and it's great that you put in the time and made the effort to do so.

I find it especially annoying when companies neglect to tell their clients that they need full header info in order to do anything about the problem. AFAIK, most people who receive phishing attempts still don't know that.

The first time I complained to Paypal they actually had a form when they asked their client to cut and paste (:mad: !#@ ) the suspicious e-mail into a form box. You can bet I complained about that too.
 
4. Put a fake name and password in the "name" and "password" box. I write down "Adolf Q. Hitler" and "Eva Braun" as my name and password. They invariably take me directly to the page they really want you to go to, where they demand your entire life information.

I usually put their IP address in the name and something like "you have been reported" as the password or something along that line.

And why do I get phishing e-mails from the Fifth-Third Bank? Is that really a bank? I get like 3-4 of those a day.
 
I get about 2 or 3 "phishing" emails a week. I'm always amazed at how many bank accounts I have, and that these banks are interested in "re-confirming my ID and password". Amazingly, my one (and only) real bank account has never had a phishing attempt, even though it's quite big.

I used to forward (typically to abuse@xxx.yyy) the bank phishing emails to the institution that was being targeted. I also wrote up a polite email indicating that I'm not a customer of them, but please be aware that you're on a phisher's hitlist.

After doing this about a dozen times, I noticed that I had never received a reply acknowledging my email or thanking me. I guess I was just background static.

Now I don't bother and accept that such is the Darwinian nature of the internets ....

Charlie (send for my Paypal info) Monoxide
 
There isn't much you can do about these guys, except report them to SpamCop. 99% of this stuff comes from addresses that are on the permanent SpamCop blacklist,

So they're known but still in business -- this really really makes me angry. These guys are a cancer and they should be immediately cut out of the system. To use a brick and mortar example -- NYC subways used to have a much worse graffiti problem. It only got under control when the MTA decided to remove graffiti immediately. Prompt removal cut back on new attempts -- it was the most effective thing they did to discourage this. (FWIW, I think attempted theft is much worse than graffiti, but it's the quickest example I can think of right now for how effective a quick and thorough response can be.)

I don't think most of the ISPs, banks and major online vendors are serious about dealing with this problem. If they were, there would be an industry agreement to make the e-mail addresses for reporting this problem uniform (vs the current situation, where the e-mail addresses are unique and often difficult to find), the importance of forwarding full header information would be widely known even to non-techies and that's just for starters. I think there is the attitude that no one wants to spend time and money to solve "someone else's problem".

For another example of an offline problem -- many years ago I had my wallet stolen. When I reported it, the cops were complaining bitterly about how the banks really were very uninterested in solving the problem of securing credit cards. Now, many years later, it's finally an improved situation. There are security numbers on the back of the card for telephone and web purchases. Some banks give their clients the option of having their photographs put on their credit card. But honestly, this could easily be a requirement, and I think it should be.

We, as a society, could do a better job about internet fraud and spam also. It would require true cooperation from the users, corporations and the police with use of effective tools like relational databases, automated e-mails and scripts to verify the reports, etc. Perhaps Spamcop could be the answer with more support. Perhaps they could eventually be as effective as the 911 program but with the challenge of dealing with both private and govt entities, not just govt entities.

This isn't one of my best written posts, but I hope I got some of my points across anyway. :) I've no time to rewrite this because real life interferes...

...Sometimes you also get spam from someone violating the terms of service of a legit ISP, and those guys usually fling the offender off and charge them for the privilege, and that can be a very satisfying feeling! :D
True, even with our current ineffective system, sometimes the good guys win. :D
 
Shera, most of the rogue ISPs are in Korea, China, Brazil or somewhere in the former Soviet Union. They also tend to be monopolies.

Most experts think that the best hope is legitimate businessmen from those countries screaming that all their e-mail is being rejected as spam. Some people just block all e-mail from those places.

On the other hand, many of the offenders are American, and it's a surprisingly small group of people. They sell spam services to a large group of people who think that they will make a million dollars, but in reality only the service providers and the rogue ISPs are making any money. You and I and quite a few other people think that the FBI should just arrest these guys, as they are pretty well known.
 
That's a great idea! My hacking skills are pretty poor, but for the cause I'm willing to be a script kiddie. :degrin:

Please don't do this. It's a phenomenally bad idea and is also illegal.
 
Shera said:
That's a great idea! My hacking skills are pretty poor, but for the cause I'm willing to be a script kiddie. :degrin:

Please don't do this. It's a phenomenally bad idea and is also illegal.

Yeah, chances are I'd be the one that ends up in jail -- not the con artists! Anyway, I'm too lazy -- so no worries. ;)

Shera, most of the rogue ISPs are in Korea, China, Brazil or somewhere in the former Soviet Union. They also tend to be monopolies.

Most experts think that the best hope is legitimate businessmen from those countries screaming that all their e-mail is being rejected as spam. Some people just block all e-mail from those places.
Not a bad idea, I may do that.

On the other hand, many of the offenders are American, and it's a surprisingly small group of people.

I thought that might be the case. You seem to be very well informed on the subject -- what do you read, if you don't mind my asking? I've gotten a little lazy (see above ;) ) and I don't keep up as much in this area as I used to. Any recommendations (other forums, web sites, mags, etc) appreciated.

They sell spam services to a large group of people who think that they will make a million dollars, but in reality only the service providers and the rogue ISPs are making any money. You and I and quite a few other people think that the FBI should just arrest these guys, as they are pretty well known.
Sounds good to me!
 
No worries, mate...

:D


Seriously, thanks for writing such a detailed response. Most of the ISPs, credit card companies and major online vendors don't provide this info and it's great that you put in the time and made the effort to do so.

I find it especially annoying when companies neglect to tell their clients that they need full header info in order to do anything about the problem. AFAIK, most people who receive phishing attempts still don't know that.

The first time I complained to Paypal they actually had a form when they asked their client to cut and paste (:mad: !#@ ) the suspicious e-mail into a form box. You can bet I complained about that too.

Glad I could help.

Get yourself to Spamcop, register there, and that will help you fight spam.

What you do then is copy the whole thing to text, which will explode the .jpgs and fake addresses, and cut and paste that to Spamcop, and send it to them. They do the work and obediently spit out the real sources for the e-mail, and you can fire off the complaint through them to Spamcop. You can also copy the real addresses and do it yourself.
 
