For your information. SPAM
 

I have had THREE requests from HSBC - LLOYDS TSB and BARCLAYS to 'Upgrade your account.' I have NO dealings with any of these and I deleted them all after I selected LLOYDS properties to see if there was any info. There was. I have reported these instances to each bank but have heard nothing. The one url I found was this one. amphibabrasil.org - mean anything to anyone?

PPP

Having just checked my hotmail spam box, I've currently got 8 bank phishing e-mails, I never even bother to open them nowadays, they bore me and no-one wants to know anyway. ( I don't use hotmail for any important mail such as banks etc.)

Pop - these are so common that banks no longer appear to respond to inputs.

If you Google that domain you will see lots of phishing references.

For some time now I have managed to continue with my (non-existent) HSBC account despite hundreds of warning emails:)

I give them false details, in the hope of not only wasting their time, but also that when they make these inputs to the real banking sites, it will alert the banks and they may do something. I usually give myself a name like Uyara Wanka or Wota Tosseriam just for fun.

................and by doing that you confirm a 'live' email address:ugh:

PPRuNe Pop,

As others have said, these are known as "Phishing" and are incredibly common.

Good, but don't forget to include the full email including full headers when you do so.

Quite normal. Most ISPs don't reply to individual spam reports either.

The people operating the attacks will change URLs on a very regular basis, therefore a "live" URL today (or even this minute) will not be in use the next.

If you want to go further, you can do an nslookup/dig on the host, find the IP, report to the hosting ISP.... but to be honest, given the speed at which the URLs change chances are by the time you've figured out all that detail, they have either already been taken offline at that URL or have moved elsewhere.

True, but 90% of them come to a 'baiting' email address which I use for things that don't really matter. I get about 1 in 50 to my 'real' email addresses and I reply from the 'baiting' one, which is a disposable one which I change every few months anyway.

Interesting and points noted. You are a lucky lot having so many - I have NEVER had them before. Was it something I did? :D

Still irresponsible. What spammers want is interaction irrespective of the content. You give it to them and so, encourage more spam. By far and away the most effective action is to do nothing.

Pprune pop, please do read an occasional newspaper or techy web site. You have just reported the internet equivalent of the horseless carriage.:p

Parapunter: You won't be surprised that I disagree with you.

By getting them to waste their time people who do what I do are keeping them away from other victims who might be more gullible. Also if they make repeated hits on real bank sites using the false information that we have supplied, they are more likely to get caught or at least have their activities curtailed.

It is true that we are encouraging more spam, but it's again a far greater waste of their time and resources than of anyone else's, and they will soon find the emails they send out being rejected.

If, hypothetically, everybody were to do this, and they realised that 100% of their time was wasted, their would be no more spammers or scammers.

Finally, winding these people up and looking at their responses (Nigerian 419ers specially) is a a great way to pass time, and if you don't believe me, take a look at some of the sites like 419 Eater - The largest scambaiting community on the planet!

Youre logic as usual, is flawed. You are entering into a dialogue with people who seek dialogue. You are therefore encouraging the activity.

If you also conclude that your actions are likely to result in capture, you credit yourdelf with more power than you ought.

Again, you should lookup from your screen and consider the bigger picture. I'm sure an admin will be along presently to tell us about the resources needed at the corporate level to deal with unwanted mail. But as long as you're having fun...

Capetonian,

To be honest, a more productive use of your time would be to spend the time reporting the spammer to (a) the people hosting the account sending the spam (b) the people hosting the account receiving replies (c) the people hosting the phishing sites.

Spending time reporting, and actively following up on said reports would be a much better use of your time, and much better for the good of the internet than pointlessly filling in forms with false data.

Youre logic as usual, is flawed. You are entering into a dialogue with people who seek dialogue. You are therefore encouraging the activity.

I'm not entering into dialogue with them. I'm supplying them with information which they think will be of benefit to them whereas the opposite applies. The objective is to waste their time.

If you also conclude that your actions are likely to result in capture, you credit yourdelf with more power than you ought.

Without going into detail, as this is a public forum, I can tell you (you may dispute this of course) that as part of a small consortium of people doing the same thing, we have had some successes in getting 419 and similar scammers apprehended and imprisoned in several countries, in particular in the Netherlands where the Marechaussee have been extremely receptive and cooperative in respect of reports. I do not claim that we are talking big numbers, but one criminal behind bars is better than none.

To be honest, a more productive use of your time would be to spend the time reporting the spammer to (a) the people hosting the account sending the spam (b) the people hosting the account receiving replies (c) the people hosting the phishing sites.
Spending time reporting, and actively following up on said reports would be a much better use of your time, and much better for the good of the internet than pointlessly filling in forms with false data.

Theoretically yes, but in practice, sadly it's a waste of time.

Parapunter, forgive me for thinking that all posters here are intellectual and broadly grasp the meaning of a post. Clearly you do not. As far as reading the press and techy papers I do and I don't. I'm a bit choosy.

However, you have amply demonstrated your arrogance and sarcasm and as a moderator of many years standing I believe I've met your type before and I normally just ignore them in your case I decided to make an exception.

Finally, PPRuNe encourages everyone who has a comment to make that is to the benefit of all - your comments fall below that boundary I'm afraid. Still, one must keep trying but I will keep an open mind on it.

We've all met all kinds of types before no doubt. The smiley indicated my intent, or so I believed. You are free of course to be as touchy as you wish, but if you think I was taking a pop to coin a phrase, you are very much mistaken.

Never respond. If you wish forward it to the bank concerned and let their clever IT / legal people with all their money behind them work on it.

Never, ever reply to scam / phishing email.

It just isn't worth it - unless your intention is to start one of those highly amusing 'anti-491' web sites.

Load Toad, you are quite right of course. I forgot to add that I had a third one regarding 'upgrading your account' from 'Natwest' - with whom I do bank - and I sent it to their phishing mail addy and never heard a word. I guess this is rife from what has been said. I'm well guarded and very happy with my security but you can never be too careful.

In fact you don't, because you're not responding by email, you're clicking on a link that goes to a fake website. I doubt if they can tie that up to the email address to which they sent the email, and even if they could, what would be the point?

In fact you do and they can.

Finding IP Addresses - Identify The IP Address of An Email Sender

And that "problem" is easily bypassed, Para, and that is before we look at the "location" of IP addresses which can vary greatly depending on your ISP. Add in the small matter of most IP addresses being "dynamic" and you see that actually tracing an IP address is of no use to the scammers.

For example, a quick look at different "IP Tracers" has, so far, given my location as Antwerpen, Wilrijk, Mechelen, Heist-op-den-Berg and Kapellen. Now, as you can see, only one of these is right and that is for me. I've seen IP addresses in the UK being reported as somewhere hundreds of miles away, in all parts of the country (someone in London can have their IP being reported as being in Liverpool, for example).

So, sorry, but these people tracing your IP address is something that is useless to them. If they traced mine, as I did using different online "services", they would believe I was in a different area from where I actually am (since most results were saying "Wilrijk) and that is no use to them in the big scheme of things because all they want is certain details about your bank account. Also, since these details, as Capetonian rightly pointed out, are being sent via an ONLINE FORM and NOT BY EMAIL then being able to "trace" the IP address from an email is irrelevant and, as I have just pointed out to you, useless as far as the scam goes.

PS.

I just did the same thing with the IP address from an email that came from the UK at the weekend.

Seems he's in London, City of London, Hampshire and Rochdale.

So, pray tell, how will that be useful in tying things up to a "disposable" email address since all that is happening is that the spammers can say is that the email originated in a certain country?

Pray tell? What are you a vicar?

You're talking about geolocation using IP addresses - I'm not. I was answering a specific point about responding to spam in forms and that dynamic IP addresses notwithstanding, responding is a poor idea since it confirms that a computer within that pool of addresses is live and responding and therefore ratchets up the likelihood of further spam to that ISP and thus someone not as worldly wise & tech savvy as the august users of this place getting caught out.

If you want to have fun in this life, there are better, less damaging ways to go about it, which is advice I would offer anyone.

Parapunter,

Rubbish.

Read up on dictionary attacks.

That's the sort of technique used to "get" the majority of email addresses to send to. The rest comes up from email addresses harvested by whatever means.

Sending 1 email or 6,000,000,000 emails costs the disgusting people exactly the same thing.....i.e. pretty much nothing, especially if using botnets..... so what makes you think they're bothering to go through the sort of commercial database cleansing processes that a normal company would ? Remember, for example, that they are using one-off addresses to send, so whether or not they get a deluge of bouncebacks is irrelevant.

Oh, and another thing.

The only people who will get remotely near to properly tracing an IP are law enforcement with a court order (and even then it's not guaranteed to get them anywhere fast, especially in the world of botnets).

Public databases are notoriously hit and miss in terms of accuracy. Also, in relation to ISPs with private customers, you'll frequently find public data is obfuscated (cf. Data Protection legislation) and the locations shown are probably just some ISP offices.

Parapunter : Do you want the five minute argument or the ten minute argument? You seem to be arguing simply for the sake of doing so and attempting to put other people down. Your views on this such as "If you want to have fun in this life, there are better, less damaging ways to go about it, which is advice I would offer anyone." may, or may not, be valid, but don't be so self-righteous.

In the face of the evidence of others, you do seem to be in a minority, which might indicate that you are wrong. If you want to carry on digging, that's fine, but I at least have lost any respect I may previously have had for your views.

Yep, I know that & believe I stated clearly I wasn't discussing geolocation. Capetonian, to imply that ever mattered to me is a long walk off a short pier, respect is a personalised notion & you just fell into the same trap as Pop.

Whilst I'm happy to be corrected by the IP cops, I'm still waiting for anyone to tell me interacting with spammers is a a good idea.

Nope. Thank you all & good night.:)

Rubbish. With the type of phishing expedition highlighted in this thread there is no "pool" of IP addresses, no "pool" of ISP's, no "attack" on ISP's and no "attack" per country. I get the same Barclay's, HSBC, etc phishing mails despite not being in the country where these banks are, according to the emails I see they are generally sites claiming to be in the UK, and I also get some for US banks too. Paypal UK is also another favourite. Explain how that is somehow "tied" to an ISP, especially through a web-based email like Hotmail, or through an email address that has ".be" at the end. Answer, it ISN'T, it's a random phish based on the very method described by mixture. It has bugger all to do with your ISP. Also, since you are using a "form" the IP address is irrelevant as they have no idea whether you are at home, work, hotel, internet cafe, mobile, etc when you send in the form.

Sorry, Para, but you have no idea regarding these kinds of attacks. Sure, some spam mails do mean to find a "live" email so they can send more spam, others use the email to send a nasty to compromise the receiver's computer. But these phishing scams for banks/paypal have nothing to do with that, they are only interested in the gullible actually following the instructions and filling in the form so these details can be used for nefarious purposes. And by buggering the scammers around by sending fake info, it means they are spending time on nothing which means there is a smaller chance of some imbecile being fleeced at that moment and/or a higher chance of a bank taking action to prevent an idiot being fleeced since they'll take notice of people trying to access a non-existent account with fake details.


By the way, I'm still waiting to for you to enlighten us with the benefits a scammer will have by tracing the IP address from an email. As I say, is the sender at work, at home, in an internet cafe, at a friend's house, in jail, on vacation, using free wifi whilst sitting in a café....... Explain the use, please, if you can.....

It's a shame mixture said the bit about the IP address locations being some ISP office somewhere and not the actual location of the person sending the email, not Capetonian. You were almost doing well up to that point.

And we all know what your "notion" of "respect" is from

In other words, you have no concept of "respect".



As you say, "Good Night". Now, make sure you turn your computer off to save energy and, just to make sure no scammer can EVER trap you, maybe it would be better if you left it like that.

Parapunter, maybe if you spent some time trying to understand others' points of view, and disagreeing with a bit more respect, rather than setting 'traps', you might be a more welcome participant in the discussion. As it is, I feel you are about as welcome as pork ribs at a mosque!

Discussion is not about 'setting traps'.

I don't think so Helsbrink. As I say, I'm happy to be corrected, but the pejorative tone you exhibit is unedifying at the very least - I have a decent memory so I know where you're coming from.

Capetonian, you might point that out to your fellow correspondents who like to start their posts with the word 'Rubbish'! Respect is a two way street as you should know from the times I have picked up on your unpleasant prose elsewhere on this site.:=

Parapunter, I think you must be having a bad day. Let's leave it there.

I hope I don't soon bump into you at my favourite watering hole in Lewes, the John Harvey Tavern, no doubt you'll have something derogatory to say about that. And don't answer any emails from strange men!

No irony. That was really good stuff. Well done everyone. I'll bet Pprune pop was not expecting that.

You got that right MC! ;)

It's a bit like being the drunk in the bar in the Western film, who falls asleep whilst every one else in the bar has a grand scale shoot-out.
When you wake up you hope they've all gone away.