Re: Pishing mails on the increase? [OT]

From: Michael Heiming (michael+USENET_at_www.heiming.de)
Date: 11/13/05

Next message: Robert Hull: "Re: Under Suse, changing /etc/fstab doesn't work ;-("
Previous message: bill: "connecting usb adapter and 2wire home portal"
In reply to: Moe Trin: "Re: Pishing mails on the increase? [OT]"
Next in thread: Moe Trin: "Re: Pishing mails on the increase? [OT]"
Reply: Moe Trin: "Re: Pishing mails on the increase? [OT]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sun, 13 Nov 2005 22:31:59 +0100

In comp.os.linux.misc Moe Trin <ibuprofin@painkiller.example.tld>:
> In the Usenet newsgroup comp.os.linux.misc, in article
> <4ofj43-tb7.ln1@news.heiming.de>, Michael Heiming wrote:

>>Wasn't aware getting one at all, so checked my spam filer which
>>is cleared nightly from cron. And really a bunch of those
>>pretending to come from one or another bank have been received,
>>but luckily automatically sorted out from SA. (Bayes catches the
>>crap reliable)

> One of the ISPs I use allows me to have multiple mail accounts. I mainly
> use it for mail - and all of the accounts have nonsensical usernames
> generated by piping /dev/random through uuencode and taking the last
> 15 characters of the first line of output. This makes 'dictionary' or
> 'phonebook' name harvesting a thing of the past. These accounts are
> only used for contact with financial institutions, and I don't use
> other accounts for that purpose. Thus, any mail from a plisher sticks
> out like a mountain and is auto-deleted at the POP server. At most, I
> see the headers, and that only when I enable logging.

Only have a very few mail addresses, mostly use the one supplied
here (a little munged), iirc I'm using this mail address since a
decade or more. Likely because it's easy to remember. Spam wasn't
a problem as I begun to explore usenet with it, so it wasn't
munged and is certainly contained on any spammer DVD starting
kit.

At one point disabled a default catch all account for my domain,
which was a nice thing, but spammer started hammering me with
thousands of messages daily and it began to be mentionable even
with ADSL.

In the last 10 month not a single spam mail was able to pass SA,
which defeated about 50000 x spam during this time, with not a
single false positive I'm aware of.

[..]

>>Without looking at the header it's more then obvious after
>>reading the first sentence that those aren't genuine.

> It doesn't even get that far here - typically, if it's not rejected
> by the SMTP server using basic blocklists, it's rejected based on
> the From: or Subject: headers. Despite what the plishers may think,

It doesn't get beyond SA here, had to check a cron zerod spam
file to mentione them. There was some rather stupid article about
the matter, which made me curious and yep there are about 5 of
them from the last 22h.

> not all of us have CitiBank or PayPal accounts in the mail names that
> they found on those Millions CDs.

>>What are your experience about the matter?

> The single bank that I do use for Internet transactions and mail has sent
> out snail-mail on average quarterly, reminding me that any mail from them
> will include certain keys - one of which is personalized - to identify
> it as being from them. They also don't ask to "verify" any account
> details over the Internet, _AND_ state that if they do send an email
> indicating a problem with an account, it will have me contact them in
> return using their published toll free telephone number. That is why
> I chose that bank.

My bank gives a hint on the entrance URL to online banking,
they'd never ever send a mail asking for passwords/etc and
provides a free call number for questions. Their mails are signed
in addition.

The real stupidity beyond the matter, why on earth should they ask
me for my password on their server?

-- 
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 176: vapors from evaporating sticky-note adhesives

Next message: Robert Hull: "Re: Under Suse, changing /etc/fstab doesn't work ;-("
Previous message: bill: "connecting usb adapter and 2wire home portal"
In reply to: Moe Trin: "Re: Pishing mails on the increase? [OT]"
Next in thread: Moe Trin: "Re: Pishing mails on the increase? [OT]"
Reply: Moe Trin: "Re: Pishing mails on the increase? [OT]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: Spam filter
... We're in the process of migrating our mail accounts over from Windows Server 2003 running IMail. ... Gmail, why not Gmail for everyone else in your organization? ... something along the line of a spam filter that dumps junk mail in a folder called "spam" or "junk" for the users to check ...
(comp.unix.bsd.freebsd.misc)
Re: use this patch immediately message
... They get tired after awhile of having their Web Hosts killing their Accounts ... them and use them to catch Domains that Spam) ... And if you find the ISP and Websites are protected by the ISP and Web Host, ...
(microsoft.public.security)
Re: OE/Hotmail socket error 12029
... The assumption with removing OE/OL access is that those using OE/OL with new ... free accounts were the source of the spam. ...
(microsoft.public.windows.inetexplorer.ie6_outlookexpress)
Re: What exactly ARE you doing?
... they've made some half-assed attempts to allow people to 'Report Spam' ... We need to be able to filter chat for those and any words. ... What Blizz has to do is filter out spam accounts from genuine accounts. ... Reaching level 30 unlocks yell, ...
(alt.games.warcraft)
Re: Solaris /etc/shadow - NP vs. *LK*
... Now in Solaris 9, a *LK* account cannot ... cron, at, and batch Cannot Schedule Jobs for Locked Accounts ... cron, at, and batch utilities cannot schedule jobs on locked accounts. ...
(comp.unix.admin)