Been Phished, not hooked

Discussion in 'Tech Talk' started by pascal, Mar 11, 2010.

  1. pascal

    pascal

    Messages:
    786
    Likes Received:
    0
    Joined:
    Jan 30, 2006
    Howdy,
    Received a formal looking email from my bank. Stating there was unusual activity on my account and the account was frozen, until I followed link to verify my identity. I forwarded the email to the two sites my real bank phishing department said to. Will call to confirm anyway. Isn't the Firewall and anti-malware supposed to catch it?
    pascal
     
  2. kc8ykd

    kc8ykd

    Messages:
    2,090
    Likes Received:
    0
    Joined:
    Oct 6, 2005
    Location:
    michigan
    firewalls don't protect against stuff like that, they protect against directed attacks against your computer.

    unless the email contained actual mal-ware, then the anti-malware program wouldn't care about it either.

    what you got was spam and would normally be caught by a spam filter as part of an email system.
    spammer blast out millions of emails like that daily and you happened to get one that's similar to your real bank.

    last i saw, something like 98.x% of emails are spam these days.
     
    Last edited: Mar 11, 2010

  3. MavsX

    MavsX The Dude Abides

    Messages:
    3,033
    Likes Received:
    0
    Joined:
    Jan 19, 2009
    Location:
    Arlington, VA
    no. those spammers send out a billion of those emails. It just so happens that you actually have one of the banks that was sent. Good thing by not following their links, because those links are obviously bad. Think about it, those guys can send out a billion of those emails...if only 1% of people fall for it..what is that 10 million hits.

    so yeah...sometimes i get crap like that too..for banks i dont have..they are just playing the odds. get it?
     
    Last edited: Mar 11, 2010
  4. pascal

    pascal

    Messages:
    786
    Likes Received:
    0
    Joined:
    Jan 30, 2006
    Thanks Gentlemen,
    I have been luckily ignorant. I never realized that there was so much of this going on. It is partially my fault. I have my server send messages they believe are spam but put a header title on it. So the server caught the spam. Unfortunately it has also marked legitimate email as spam. So I'll will be more vigilant. Billions, rat excrement.
    pascal
     
  5. HKUSP45Css

    HKUSP45Css

    Messages:
    3,969
    Likes Received:
    1
    Joined:
    Apr 4, 2007
    Location:
    Houston, by God, Texas
    If you don't like spam I have the perfect solution for you to stop it. Everyone should do this, IMHO.

    Create a brand new "online identity" today. Go to Gmail or to your ISP and create a new E-mail address. Then, go create a second online identity, similar but not identical to the new one you just created.

    Go to places that you NEED E-mail from, such as your bank, creditors and family/friends and inform them, in whatever way they want you to, of your new online identity.

    Here's the part where we get rid of spam forever ....

    Never give that particular E-mail address to ANYONE you don't personally know and don't personally want specific correspondence from.

    Use your secondary online identity to sign up for websites, enter sweepstakes and get correspondence from strangers/strange companies. Only check it as often as you want to or when you're expecting something specific, like a registration confirmation E-mail. If you want to, use "mail rules" to forward specific correspondence to your primary address so you don't have to go check it for daily updates you "kinda want" to see but don't NEED.

    POOF! No more spam in the inbox you read daily.

    Also, never post your "primary" identity's E-mail in a text readable format on the web, not in a forum post, not in a word document you pasted on your website, not on your website, you get the idea. Spammers use "scubbers" to look for text like XXX@XXX.XXX and compile those addresses in spam lists to be sold. If you must, absolutely must, post your addy online use a format like xx.xx.xx "AT" x.x.x. "COM" and just tell people to remove the extraneous dots.

    Then, forget about your compromised identity, it's toast, particularly if you've ever clicked the "unsubscribe" button in one of those E-mails.

    It shouldn't take you more than an hour or two to set this up, well worth the cost to be spam free forever.
     
  6. pascal

    pascal

    Messages:
    786
    Likes Received:
    0
    Joined:
    Jan 30, 2006
    HKUSP45Css,
    Sounds like a good idea. I'm just slow enough that it will take me a while to digest then implement it. Thanks.
    pascal
     
  7. Linux3

    Linux3

    Messages:
    1,399
    Likes Received:
    0
    Joined:
    Dec 31, 2008
    Until one of your trusted friends get a trojan which scans the friend's email and poof! You are back in the spam lists.

    I don't know about I.E. but with Firefox and Konqueror if you mouse over the link that the phishing email wants you to click you will see the actual email address.
    So what looks like "www.bankofamerica.com" when you mouse over it will show something completely different in the bottom of the browser. If that something different is an IP address rather than a name..... Guess what.
    Or even a name like"www.imlookingforsuckers.com/~bankofamerica
     
  8. MavsX

    MavsX The Dude Abides

    Messages:
    3,033
    Likes Received:
    0
    Joined:
    Jan 19, 2009
    Location:
    Arlington, VA

    pretty good idea. i've already done that. i have my legitimate email address for friends and family
    i've got an email address i use for things that i want people to be able to contact me, but just not have my primary email. this is used for like forums and such.

    then i have one that i use specifically for buying stuff online, or buying anything. This way when i need to find that serial number for anti virus or for a program, i can search one email address and find everything i need.

    then finally i have one that i give out to people i dont know, or if i know it will be used to spam the crap out of...like you know when they ask you for your email address at the department stores...this is the account i give them. I check it every now and then..but its all trash anyway.

    genius.
     
  9. JBnTX

    JBnTX 2 Timothy 2:15

    Messages:
    23,595
    Likes Received:
    11,826
    Joined:
    Aug 28, 2008
    Location:
    Texas
    I got the same type message from my bank today.

    Seems my account have been breached by an unknown attacker,
    so my bank as frozen my account for my protection.

    I have to go "immediately" to a special website where I can re-open my
    account by providing my "personal banking information" to verify my
    identity.

    Funny, when I called my bank on the phone, they don't know anything
    about it? :rofl: