[Dshield] New Phish - AntiPhishing.org?

Chris Wright dshield at yaps4u.net
Fri Aug 19 23:10:41 GMT 2005



> -----Original Message-----
> From: list-bounces at lists.dshield.org 
> [mailto:list-bounces at lists.dshield.org] On Behalf Of John B. Holmblad
> Sent: Friday, August 19, 2005 8:28 PM
> To: General DShield Discussion List
> Subject: Re: [Dshield] New Phish - AntiPhishing.org?
> 
> Chris,
> 
> point well taken and you are a better man than I. I simply 
> delete these bad boys and girls without even checking their 
> veracity. I know that if my bank or cc issuer has a problem 
> with my account they will call me on the telephone, quite 
> quickly in fact. What does puzzle me is why I get such 
> phishes from AOL since AOL is my email provider.  They do a 
> creditable job of spam filtering but for some reason the 
> don't stop the ones that purport to be from "the AOL team" 
> itself with zipped attachments.
> 

They probably have a filter that allows mails from people at AOL, and if it
is forged correctly it might just get through.
They might feel a bit stupid if they sent out an email to their customers
only to find that their own filters stopped it going out.
It might be worth a test sending yourself some spoofed emails 'from AOL' and
seeing which ones get through.
One would assume by the amount of SPAM that we get, there are places on the
net that will allow you to send such emails (jeesh, if only there wasn't).

Basically what they have done is picked up your email address from your
email signature and then sent a mail back using your aol.com in their
spoofed email address.  If I were on btnet.co.uk, then I would get the same
mail as you but from BTNET. I reckon that some of AOL filters allow through
certain email addresses no matter the content and therefore I would forward
on the offending email to AOL abuse and wait a couple of EONS for them to
get back to you with a decent answer, (rather than my midnight hour
thoughts).

Unless I personally know the person I am getting mail from, I never never
believe the To: Fm: CC: etc etc.
And even then, I always check before I read.  If I get new mail from someone
for a first time, then it sits in an inspection folder IF and only IF it has
made it passed my AV/SPAM filters etc.  

A lot of my email addresses are quite public (as in displayed on websites,
web forums etc and I don't really suffer from much SPAM), but in saying
that, ever time I make that statement (especially in this forum), I get
whacked for a few days, out of spite it seems.

See, I told you it was a midnight ramble... I've been wibbling on too much
already...

Pass it on to AOL and let them deal with it... 

Regards

Chris



More information about the list mailing list