have you been phished?

  jack 13:58 25 Sep 2004

take a look at this
click here

  igk 15:13 28 Sep 2004

For anyone in doubt regarding genuine websites you can confirm this BEFORE entering any personal info on it by doing this::
To verify genuine websites do this: type this in the address bar while on the website in question:

javascript:alert("actual URL address:" + "//" + location.hostname + "//");

press enter: the true address of the website will be shown in the dialog box
that appears.

  Friday's Child 16:38 28 Sep 2004

I've had people try it - they keep asking me for details of accounts with companies that I have never dealt with.

Yesterday, someone asked me about 'my' account with Sun Trust Bank.

I don't know whether it is the right thing to do but I notify the abuse or support at the originator's ISP or domain about it and the company who supply the 'account' that I don't have.

I never click on the link in the email because I'm told that companies never include one for you to do so if they should for some reason need any information and I don't believe that they would ask for it in an email or by telephone anyway but then again I'm probably paranoid.

  Friday's Child 16:41 28 Sep 2004

Sorry, I should have said that the ISP or domain that I notify is the one I find in the header revealed by right clicking the email and choosing Options in Outlook and not the one that shows normally.

  Friday's Child 13:25 29 Sep 2004

I don't think that what I did with the one mentioned above was for the best because I have since received two more concerning Sun Trust.

The look identical until you check the headers when you find that they come from two different email addresses.

I somehow don't think that I will be reporting any more of them because the account has been spam free up until now.

  igk 15:04 29 Sep 2004

I had a particularly disturbing one around a year ago that seemed pretty convincing so I contacted and sent the e-mail+headers to the National High Tech Crime unit here:
click here
I actually got a thank you from them a day later saying that this was the first time they had seen this particular scam and that they were very interested in it.

  spuds 18:48 29 Sep 2004
  Friday's Child 19:31 29 Sep 2004

Thank you for that tip.

My experience with the NHTCU today was I’m afraid somewhat less helpful.

After reading your posting, I emailed them to say that I had received some Phishing and Nigerian 419 scam emails, that I had notified the relevant ISPs and domain maintainers and asking whether it would be of any benefit if I forwarded them to the NHTCU either as attachments or as copies in an email (I mentioned including the original headers found by right clicking the email and using ‘Options’).

The reply I received was:

“Our unit does not collate intelligence on these emails but we will help anyone who has lost money or been a victim in any other way. Our advice to recipients is to send a copy to the Internet Service Provider from where the 419 email originated.

By this method, the ISPs can terminate any accounts that abuse their systems. We note that you have already done this.

Our advice to people who receive these emails is to delete and ignore them.

Unfortunately analysis of the headers provides little intelligence and they are invariably spoofed.


Desk Officer (RM)
National Hi-Tech Crime Unit”

Given that the ISPs I have reported them to with the same information I was going to supply to the NHCTU, have taken action against the originator, I was somewhat surprised they thought there was any need to say that the headers were spoofed.

I would like to think that they are doing a good job but I am afraid that I will not be sending them any more information, instead I will just notify the ISPs and perhaps The Anti Phishing Working Group mentioned in spuds' posting and then delete them.

  Andybear 10:25 03 Oct 2004

I get loads of these things, purportedly from several different banks. I've got Mailwasher and simply delete them from the server.

  Forum Editor 10:46 03 Oct 2004

To put things into perspective.........

The NHTCU is wildy under-staffed and under-funded, and has to make do with inadequate equipment. They are inundated with reports - many of them about matters that are a good deal more serious than 419 mail or blatantly obvious phishing attempts.

I'm not for a moment trivialising your concern, but try to understand the sheer scale of the problems facing this unit and you may feel more kindly disposed towards the hard-working people who run it.

Most people will eventually receive a 419 (I've received hundreds) and/or a phishing mail - the best thing to do is delete them, forget them, and carry on unless there's something about the message that looks radically different from the others you've seen. Then it's a good idea to let NHTCU know about it.

  Friday's Child 15:07 03 Oct 2004

I was not trying to suggest that the NHTCU was not overall doing a good job or that they were belittling the email which I had received but merely pointing out that I feel there seems little reason for me to send them any details when I had told them that I would send them either the complete email as an attachmnet or include the full header as found by right clicking it in Outlook and selecting Options only for them to tell me that the addresses are spoofed. If I have gone to the trouble of checking the header in this way, I obviously knew that the address shown was spoofed.

I was also saying that since I was notifying the ISPs concerned who could take action (and presumably notify any relevent authorities) I was not going to send extra notification to NHTCU.

As regards a "message that looks radically different from the others you've seen", surely until you have received a number of them they all look different and don't we have a moral duty to everyone else to notify their ISP in order to try to stop them using that address to catch someone else who is more gullible than ourselves before deleting the message?

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

AMD Radeon Adrenalin release date, new features, compatible graphics cards

8 brilliant character artists speaking at Pictoplasma 2018

iMac Pro release date, UK price & specs

Football : comment regarder la Ligue 1 en direct ?