PPRuNe Pop

I have had THREE requests from HSBC - LLOYDS TSB and BARCLAYS to 'Upgrade your account.' I have NO dealings with any of these and I deleted them all after I selected LLOYDS properties to see if there was any info. There was. I have reported these instances to each bank but have heard nothing. The one url I found was this one. amphibabrasil.org - mean anything to anyone?

PPP

green granite

Having just checked my hotmail spam box, I've currently got 8 bank phishing e-mails, I never even bother to open them nowadays, they bore me and no-one wants to know anyway. ( I don't use hotmail for any important mail such as banks etc.)

BOAC

Pop - these are so common that banks no longer appear to respond to inputs.

If you Google that domain you will see lots of phishing references.

For some time now I have managed to continue with my (non-existent) HSBC account despite hundreds of warning emails

Capetonian

I give them false details, in the hope of not only wasting their time, but also that when they make these inputs to the real banking sites, it will alert the banks and they may do something. I usually give myself a name like Uyara Wanka or Wota Tosseriam just for fun.

BOAC

................and by doing that you confirm a 'live' email address

mixture

PPRuNe Pop,

As others have said, these are known as "Phishing" and are incredibly common.

Good, but don't forget to include the full email including full headers when you do so.

Quite normal. Most ISPs don't reply to individual spam reports either.

The people operating the attacks will change URLs on a very regular basis, therefore a "live" URL today (or even this minute) will not be in use the next.

If you want to go further, you can do an nslookup/dig on the host, find the IP, report to the hosting ISP.... but to be honest, given the speed at which the URLs change chances are by the time you've figured out all that detail, they have either already been taken offline at that URL or have moved elsewhere.

Capetonian

True, but 90% of them come to a 'baiting' email address which I use for things that don't really matter. I get about 1 in 50 to my 'real' email addresses and I reply from the 'baiting' one, which is a disposable one which I change every few months anyway.

PPRuNe Pop

Interesting and points noted. You are a lucky lot having so many - I have NEVER had them before. Was it something I did?

Parapunter

Still irresponsible. What spammers want is interaction irrespective of the content. You give it to them and so, encourage more spam. By far and away the most effective action is to do nothing.

Pprune pop, please do read an occasional newspaper or techy web site. You have just reported the internet equivalent of the horseless carriage.

Capetonian

Parapunter: You won't be surprised that I disagree with you.

By getting them to waste their time people who do what I do are keeping them away from other victims who might be more gullible. Also if they make repeated hits on real bank sites using the false information that we have supplied, they are more likely to get caught or at least have their activities curtailed.

It is true that we are encouraging more spam, but it's again a far greater waste of their time and resources than of anyone else's, and they will soon find the emails they send out being rejected.

If, hypothetically, everybody were to do this, and they realised that 100% of their time was wasted, their would be no more spammers or scammers.

Finally, winding these people up and looking at their responses (Nigerian 419ers specially) is a a great way to pass time, and if you don't believe me, take a look at some of the sites like 419 Eater - The largest scambaiting community on the planet!

Parapunter

Youre logic as usual, is flawed. You are entering into a dialogue with people who seek dialogue. You are therefore encouraging the activity.

If you also conclude that your actions are likely to result in capture, you credit yourdelf with more power than you ought.

Again, you should lookup from your screen and consider the bigger picture. I'm sure an admin will be along presently to tell us about the resources needed at the corporate level to deal with unwanted mail. But as long as you're having fun...

mixture

Capetonian,

To be honest, a more productive use of your time would be to spend the time reporting the spammer to (a) the people hosting the account sending the spam (b) the people hosting the account receiving replies (c) the people hosting the phishing sites.

Spending time reporting, and actively following up on said reports would be a much better use of your time, and much better for the good of the internet than pointlessly filling in forms with false data.

Capetonian

Youre logic as usual, is flawed. You are entering into a dialogue with people who seek dialogue. You are therefore encouraging the activity.

I'm not entering into dialogue with them. I'm supplying them with information which they think will be of benefit to them whereas the opposite applies. The objective is to waste their time.

If you also conclude that your actions are likely to result in capture, you credit yourdelf with more power than you ought.

Without going into detail, as this is a public forum, I can tell you (you may dispute this of course) that as part of a small consortium of people doing the same thing, we have had some successes in getting 419 and similar scammers apprehended and imprisoned in several countries, in particular in the Netherlands where the Marechaussee have been extremely receptive and cooperative in respect of reports. I do not claim that we are talking big numbers, but one criminal behind bars is better than none.

To be honest, a more productive use of your time would be to spend the time reporting the spammer to (a) the people hosting the account sending the spam (b) the people hosting the account receiving replies (c) the people hosting the phishing sites.
Spending time reporting, and actively following up on said reports would be a much better use of your time, and much better for the good of the internet than pointlessly filling in forms with false data.

Theoretically yes, but in practice, sadly it's a waste of time.

PPRuNe Pop

Parapunter, forgive me for thinking that all posters here are intellectual and broadly grasp the meaning of a post. Clearly you do not. As far as reading the press and techy papers I do and I don't. I'm a bit choosy.

However, you have amply demonstrated your arrogance and sarcasm and as a moderator of many years standing I believe I've met your type before and I normally just ignore them in your case I decided to make an exception.

Finally, PPRuNe encourages everyone who has a comment to make that is to the benefit of all - your comments fall below that boundary I'm afraid. Still, one must keep trying but I will keep an open mind on it.

Parapunter

We've all met all kinds of types before no doubt. The smiley indicated my intent, or so I believed. You are free of course to be as touchy as you wish, but if you think I was taking a pop to coin a phrase, you are very much mistaken.

Load Toad

Never respond. If you wish forward it to the bank concerned and let their clever IT / legal people with all their money behind them work on it.

Never, ever reply to scam / phishing email.

It just isn't worth it - unless your intention is to start one of those highly amusing 'anti-491' web sites.

PPRuNe Pop

Load Toad, you are quite right of course. I forgot to add that I had a third one regarding 'upgrading your account' from 'Natwest' - with whom I do bank - and I sent it to their phishing mail addy and never heard a word. I guess this is rife from what has been said. I'm well guarded and very happy with my security but you can never be too careful.

Capetonian

In fact you don't, because you're not responding by email, you're clicking on a link that goes to a fake website. I doubt if they can tie that up to the email address to which they sent the email, and even if they could, what would be the point?

Parapunter

In fact you do and they can.

Finding IP Addresses - Identify The IP Address of An Email Sender

hellsbrink

And that "problem" is easily bypassed, Para, and that is before we look at the "location" of IP addresses which can vary greatly depending on your ISP. Add in the small matter of most IP addresses being "dynamic" and you see that actually tracing an IP address is of no use to the scammers.

For example, a quick look at different "IP Tracers" has, so far, given my location as Antwerpen, Wilrijk, Mechelen, Heist-op-den-Berg and Kapellen. Now, as you can see, only one of these is right and that is for me. I've seen IP addresses in the UK being reported as somewhere hundreds of miles away, in all parts of the country (someone in London can have their IP being reported as being in Liverpool, for example).

So, sorry, but these people tracing your IP address is something that is useless to them. If they traced mine, as I did using different online "services", they would believe I was in a different area from where I actually am (since most results were saying "Wilrijk) and that is no use to them in the big scheme of things because all they want is certain details about your bank account. Also, since these details, as Capetonian rightly pointed out, are being sent via an ONLINE FORM and NOT BY EMAIL then being able to "trace" the IP address from an email is irrelevant and, as I have just pointed out to you, useless as far as the scam goes.