kunoichi

How to Deal With Phishing Emails

In Privacy, Security on May 18, 2006 at 1:16 pm

Recently a Phishing email somehow slipped through the net and landed in my inbox. Usually I would just ignore and delete them, but this one was particularly devious and would have tricked someone less vigilant into handing over their personal details to a thief.


Online abuse such as this really winds me up! So I’ve compiled this guide to help you decide the best course of action to take if you receive a phishing email.

  • What is Phishing
  • What can you do if you have responded to a Phishing email
  • Ways to tackle the problem yourself
  • Useful sources
    What is Phishing?

    “Phishing” involves Internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims. Emails may look legitimate and closely resemble those of official companies and organisations such as Ebay, PayPal and online banks. However, clicking through the links supplied will take the user to a bogus site which will harvest their personal information for illegal extortion.

    There are several ways to spot a Phishing email. The most notable is that official organisations never ask for your personal details or account verification in an email! Copy and paste links into a web browser to check if they do actually link to the site in question. Or contact the organisation directly to see if the email did originate from them.

    What to do if you have responded to a Phishing email

    • Check your accounts immediately and change your passwords (see my post on secure passwords for guidelines on password security).
    • If you notice any unauthorised transactions, or cannot log in, you should contact the organisation immediately to inform them that you believe your security has been breached. Do everything they tell you to do.
    • You should also check any related accounts in the same manner.
    • Contact the Police and inform them of all information you have. This may be time consuming and frustrating, but helps to cover your back against further damages. And after all, Phishing is illegal!
    • If you entered any personal details such as your date of birth or address, you may also wish to check your credit report to ensure no credit accounts have been falsely opened in your name.

    The sooner you act, the easier it will be to stop anything else from happening. If you wait too long to report fraud on your accounts, you may become liable for some or all of the money stolen from you! And this will also give the scammers the chance to lure another unsuspecting victim…

    Ways to tackle the problem yourself

    Assuming you haven’t responded to a Phishing scam, there are ways to deal with the Phishers to help prevent others from falling prey.

    Contact the company involved in the scam immediately. For example, if you received an email pretending to be from PayPal, send it to PayPal. Many companies have an email address to which you should send such emails, such as:

    Ensure all email headers are visible before you send it (usually you can enable this in the “options” menu of your email software). It is preferable to send the Phishing email as an attachment, though many webmail servers do not allow this function, in which case you should simply forward it instead.

    Once you have done this, you should permanently delete the email from your inbox.

    If you are feeling more confident, you can investigate the origin of the email yourself. Pay no attention to the “From” and “Reply To” addresses as these are easily forged. Make sure you can see the full headers of the email, which should provide information about where the email originated. It should look something like this:

    MIME-Version: 1.0
    Received: from ctb-cache5-vif0.saix.net ([165.145.109.216]) by bay0-mc8-f8.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 16 May 2006 09:38:26 -0700
    Received: from ctb-cache5-vif0.saix.net (196.25.255.195) by ctb-cache5-vif0.saix.net with SMTP;
    Received: (qmail 2374 by uid 753); Tue, 16 May 2006 06:38:28 +0200
    X-Message-Info: LsUYwwHHNt1MJ3+SDBjNqWm68AowQ1dA/tvtF+ne7BQ=
    Return-Path: anemail@adomain.com
    X-OriginalArrivalTime: 16 May 2006 16:38:28.0261 (UTC) FILETIME=[24C7AD50:01C97908]

    As in this example, the email may have passed through more than one email server before arriving at its destination. You should look for the oldest server it passed through.

    You should then do a WHOIS check on the domain or IP address found here. Urgent Click feature a great IP trace, but you should also check out Arin.net for more detailed information.
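
    As an added example (not part of the original post), the Python script below walks the Received lines of the sample headers above oldest-first and picks the first public IP address to look up. The function names received_hops and whois_candidate are illustrative.

```python
import ipaddress
import re
from email.parser import HeaderParser

# Header block copied from the sample in the post above.
SAMPLE_HEADERS = """\
MIME-Version: 1.0
Received: from ctb-cache5-vif0.saix.net ([165.145.109.216]) by bay0-mc8-f8.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 16 May 2006 09:38:26 -0700
Received: from ctb-cache5-vif0.saix.net (196.25.255.195) by ctb-cache5-vif0.saix.net with SMTP;
Received: (qmail 2374 by uid 753); Tue, 16 May 2006 06:38:28 +0200
X-Message-Info: LsUYwwHHNt1MJ3+SDBjNqWm68AowQ1dA/tvtF+ne7BQ=
Return-Path: anemail@adomain.com
X-OriginalArrivalTime: 16 May 2006 16:38:28.0261 (UTC) FILETIME=[24C7AD50:01C97908]
"""

IPV4 = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

def received_hops(raw_headers):
    """Return Received headers oldest-first, each with its public IPs."""
    msg = HeaderParser().parsestr(raw_headers)
    hops = []
    # Each server prepends its own Received line, so the list is newest-first.
    for value in reversed(msg.get_all("Received", [])):
        text = " ".join(value.split())   # undo header folding
        ips = []
        for candidate in IPV4.findall(text):
            try:
                ip = ipaddress.ip_address(candidate)
            except ValueError:
                continue                 # e.g. 999.1.1.1 is not an address
            if ip.is_global:             # skip private and reserved ranges
                ips.append(str(ip))
        hops.append({"header": text, "ips": ips})
    return hops

def whois_candidate(raw_headers):
    """Oldest hop that recorded a public IP: the address to look up."""
    for hop in received_hops(raw_headers):
        if hop["ips"]:
            return hop["ips"][0]
    return None

if __name__ == "__main__":
    for n, hop in enumerate(received_hops(SAMPLE_HEADERS), 1):
        print(n, hop["ips"], hop["header"][:60])
    print("look up:", whois_candidate(SAMPLE_HEADERS))
```

    Only the topmost Received line is written by your own mail provider; older lines come from the sending side and can be forged, so compare the oldest-hop address with the one recorded in the last entry of received_hops before reporting.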

    If your trace is successful, you should find some contact information for the server or domain from which the Phishing email originated. Now you can send them an email to let them know that illegal Phishing is originating from their server. Include the headers from your email and explain that the sender is not known to you, and that you believe links contained in the email lead to an illegal data mining website. Be brief and polite as administrators may have very many emails to respond to each day!

    Reputable companies will act upon your information and hopefully close the Phisher’s account. Be warned, however, that many servers are set up specifically for the purpose of illegal data mining and will ignore any such complaints!

    Useful sources
