TechSoup.org The place for nonprofits, charities, and libraries

Tell us your spam/phishing horror stories!

  • Hi, everyone,
    TechSoup is working on an article about spam and phishing. More specifically, we want to educate nonprofits about the dangers of spammers and scammers by highlighting the community's stories.

    Was your nonprofit swindled by a phisher? Did you fall prey to a scammer? Were your organization's computers infected with a virus someone caught from a spam message? Did you file a lawsuit against a spammer? Any other tales or lessons learned that you'd like to share with others?

    If you'd like to participate, please post your stories here. Thanks!

    ...............................
    ~Alexandra
    associate editor
    TechSoup.org
  • I'm honestly surprised that I don't have any given the insane amount of junk (viruses, phishing scams, spam, etc) my mail servers have received over the years.

    All it takes is one to cripple your company. If you're a small company, build an SMTP relay (not on your accounting server, though) or pay $10/mo/domain for one. If you're a very large company, look into solutions like Postini.

    One thing you might touch on is Mozilla Firefox's cool anti-phishing features. Browser plugins like SpoofStick and Netcraft's toolbar are also great at identifying bogus websites.

    Here is a list from Netcraft on what their plugin does:
    • Traps suspicious URLs containing characters which have no common purpose other than to deceive.
    • Enforces display of browser navigational controls (toolbar & address bar) in all windows, to defend against pop up windows which attempt to hide the navigational controls.
    • Clearly displays sites' hosting location, including country, helping you to evaluate fraudulent URLs (e.g. the real citibank.com or barclays.co.uk sites are unlikely to be hosted in the former Soviet Union).

    You might also suggest that people report phishing attempts.

    The next time you see a "click here to receive a free iPod" button, consider hitting that URL with the aforementioned Netcraft plugin. If it's bogus and you report it, Netcraft might award you a top of the line iPod.
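    The first Netcraft item above, trapping URLs built from characters and tricks whose only purpose is to deceive, is easy to show in code. The checker below is an added example, not Netcraft's plugin or anything posted in this thread; its rules, brand list and sample URLs are constructed simplifications (a real tool would use the Public Suffix List and a maintained blacklist).

```python
# Heuristic "deceptive URL" checker in the spirit of the Netcraft toolbar.
# Added example; the rules and the sample URLs are constructed, not Netcraft's.
import ipaddress
from urllib.parse import unquote, urlsplit

# Crude stand-in for the Public Suffix List (assumption; real code should use it).
SECOND_LEVEL = {"co", "com", "org", "net", "ac", "gov"}


def url_warnings(url, brands=("citibank", "barclays")):
    """Return the reasons a URL looks deceptive; an empty list means none found."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").lower()
    reasons = []
    # http://citibank.com@evil.example/ -- everything before '@' is ignored
    # by the browser, so the visible "citibank.com" is not where you go.
    if "@" in parts.netloc:
        reasons.append("userinfo before '@' hides the real host")
    # A bare IP address instead of a domain name.
    try:
        ipaddress.ip_address(host)
        reasons.append("host is a bare IP address")
    except ValueError:
        pass
    # Non-ASCII (look-alike letters) or percent-encoded characters in the host.
    decoded = unquote(host)
    if any(ord(c) > 127 for c in host) or decoded != host:
        reasons.append("non-ASCII or percent-encoded characters in host")
    # Brand name present somewhere in the host, but the registrable domain
    # is something else (e.g. citibank.com.secure-login.example).
    labels = decoded.split(".")
    n = 3 if len(labels) >= 3 and labels[-2] in SECOND_LEVEL else 2
    registrable = ".".join(labels[-n:])
    for brand in brands:
        if brand in decoded and not registrable.startswith(brand + "."):
            reasons.append(f"'{brand}' appears in host but domain is {registrable}")
    return reasons


if __name__ == "__main__":
    # Constructed sample URLs (RFC 5737 / reserved example names only).
    for sample in ("http://www.citibank.com/login",
                   "https://www.barclays.co.uk/",
                   "http://citibank.com@192.0.2.10/",
                   "http://citibank.com.secure-login.example/",
                   "http://www.citib%61nk.com/"):
        print(sample, "->", url_warnings(sample) or "looks ordinary")
```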
  • Here is an FTC article on how not to get hooked by a phishing scam.
  • It's also worth noting that Outlook SP2 has some (albeit limited) phishing protection.
  • On a related note, I have been using PocketKnife Peek for almost a year with my Outlook 2000.

    It allows you to "peek" at messages without opening them, and the "plain text" view clearly shows what the real URL that you would be clicking on is.

    Using this also does not allow some spammers to receive notification that you ever got or opened the message, which may help to get you off some lists as time goes on.

  • One of the many cool things about Thunderbird (my favorite email client) is that it has good built-in anti-phishing features.

    Click on a dubious email, and you'll get this "possible email scam detected" message.
  • Fraud Eliminator is yet another Firefox extension designed to take care of web annoyances. From their website:
    FraudEliminator blocks fraud and phishing websites, using a constantly updated blacklist and artificial intelligence to stop fraud. FraudEliminator also displays the age and location of each website, so you can see if a store claiming to be in New York is actually hosted in China. Other features include the ability to report fraud, block popups, show "true" URLs, whois information, creation date, and integrated search. It is compatible with FireFox and Internet Explorer.

    Every 15 minutes, FraudEliminator retrieves updated fraud information about every known fraud and phishing threat worldwide. Even without this information, FraudEliminator is extremely effective at blocking fraudulent and phishing websites as they load. FraudEliminator examines the URL, website contents, the presence of financial keywords, creation date of the website, and the geographical location of the machine the website is hosted on, and if signs of possible fraud are found, the user is immediately alerted. It's almost like a fraud firewall for your web browser.
  • Thanks so much to everyone for posting your tips and suggestions. (Perhaps these could be their own article.)

    C'mon, does no one have a spam/phishing horror story to share?

    ~Alexandra
  • On a related note, I have been using PocketKnife Peek for almost a year with my Outlook 2000.

    PocketKnife is, in my not so humble opinion, a *much* better way of peeking at email header info than using Microsoft's way.

    (If you're using gmail's web interface, you have to hit MORE OPTIONS and then SHOW ORIGINAL)
  • How does PocketKnife Peek apply to Outlook 2003 and using the text only display mode for email?

    Doesn't the text-only display mode for 2003 remove the embedded security risks inherent in previous Outlooks?

    Dave
    I've really been fortunate here. Mostly it's educating users as they receive 400 return-to-sender emails because someone else spoofed their email address.

    I've had a few ask why they are getting the eBay update message when they have never used eBay.

    I wrote a couple-page document with pictures to illustrate address spoofing, and why not to get spooked when they get returned or "do I know you?" emails from someone they don't know at all.

    The biggest concern I had was an email virus that a user received and opened 30 minutes before McAfee had updated Postini (4 hours before Symantec had issued the update). Fortunately it only infected that user's machine; Postini had captured all the others addressed to our domain.

    I've also gotten feedback from a user that there is a little peer-to-peer education happening.
    "... just called me in asked what I thought of a pop up that said he was the 1 millionth person to visit a site and he wins free gas for a year...he was actually thinking about it. I set him straight."

    Nothing really exciting.

    Dave
  • How does PocketKnife Peek apply to Outlook 2003 and using the text only display mode for email?

    Doesn't the text-only display mode for 2003 remove the embedded security risks inherent in previous Outlooks?

    While you may be only able to see the email in text only, PocketKnife Peek allows you to look "under the hood" of the original email: full header info, bogus html links, html text written in the same color as the background color, etc.

    This info is helpful when you report spammers to Spamcop.
  • A pastor of a church on the East Coast got suckered for $85,000 not too long ago. Maybe you can find him on Google. The money was for a down payment on a church.