Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Re: Phishing site - Warnings from Google: Are YOU warned?

Reply
Thread Tools

Re: Phishing site - Warnings from Google: Are YOU warned?

 
 
Mike Easter
Guest
Posts: n/a
 
      12-02-2009
~BD~ wrote:
> This is an email delivered by Hotmail:-


Do not allow spam into your inbox. Do not open spam.

If you are inclined to be a spam investigator instead of just deleting
it, then you should inspect the spam by examining its 'properties' or
the message source, which reveals the complete headers and the
unrendered html.

When you examine its headers, you can learn to determine the message
source and you can also learn how to see the bogosity in the headers.
From inspecting the headers before you inspect the message body, you
will already know that you are examining spam with bogus information in
such as the From and sourced from someplace other than the From
indicates.

That inspection will also demonstrate to you that the payload URL which
is displayed by rendering the html is not the 'real' payload url; that
is, the html causes the thaisuzuki.co.th to look like hsbc.co.uk

> Visit our Privacy Policy and User Agreement if you have any questions.
> http://www.hsbc.co.uk/1/2/
>
> ************************************************** ****************
>
> ** This is the URL to which one is directed above:
> http://www.thaisuzuki.co.th/pic_news/IBlogin.html
>
> Using Safari - I get a vibrant Warning about the site being a Phishing
> site.


It is not even necessary to do the exercise.

If you are allowing spam into your inbox, you are misconfigured. It
should be recognized by your spamfilter and directed into a Junk folder
so that it is not 'handled' in the same manner as real mail.

Spam is designed to try to evade filters and get into the inbox. It is
the duty of the filter to prevent that. Spam which gets into the inbox
is designed to 'trick' the human eyeballs into being curious or
interested and to open the spam to see what it is or if it is real or to
get a laugh or to get a good deal or to get something for nothing or to
buy something that you need for a good price.

All of that 'business' that spam is designed to do is how spam works.
It is the duty of the spam recipient to abort the spam process at every
step of the way.

According to my scorecard, you lose points if you open a spam and click
on its links. When you do that you are a spammee who is either
potentially or actually profiting the spam process.

Such spammees are what makes the spamworld go round.

--
Mike Easter

 
Reply With Quote
 
 
 
 
Mike Easter
Guest
Posts: n/a
 
      12-02-2009
~BD~ wrote:

> Regrettably, you have failed to answer my question!


That is because we completely disagree about what you are attempting to
illustrate and I am positing my arguments about the many things you are
doing wrong and how you are doing them all wrong.

You are saying - I let spam into my inbox. I read my spam's subject and
from, then I open my spam and then I click on my spam links.

I am saying - do not let spam into your inbox - do not read your spam's
subject or from receptively as you do when you look at realmail
subject/from, do *not* open your spam and render its html and **DO NOT**
click on your spam links.

I do *not* want to read your html-rendered spambody and I do *NOT* want
to lick on your spamlinks and I do not recommend that other people do
what you are doing and I'm trying to guide you and them and 'disrupt'
your efforts to misguide them.

You are profiting the spam process by what you do. Stop doing that.
The fact that you (the ubiquitous you spammees who handle spam as you
do) make spam profitable is why we all get so much spam.



--
Mike Easter

 
Reply With Quote
 
 
 
 
Mike Easter
Guest
Posts: n/a
 
      12-02-2009
~BD~ wrote:
> <my cite>
>> That is because we completely disagree about what you are attempting

to
>> illustrate and I am positing my arguments about the many things you

are
>> doing wrong and how you are doing them all wrong.


> If you can explain how anything in an email can 'infect' my OS X box,

I
> will pay careful attention.


You are missing the thrust of my argument. I did not use the word or
say 'infect'.

I said your behavior handling your spam is bad and you are elaborating/
emphasizing the absolute worst part of the behavior, the one which
profits spam processes and potentially endangers the spam handler, which
is opening spam, rendering html, and clicking on spam links.

> Hahaha! I do understand your (cautious) position, Mike. I simply

hope(d)
> that someone here would have a VM/Sandbox facility which they could

use
> without risk to their machines.


You don't understand at all. You are exhibiting bad behavior by playing
with your spamlinks. You want to encourage others to play with your
spam links and you want others to approach the spamlink in the same way
that you did.

I am saying - don't do any of that. I am not saying that I 'can't'
investigate whether or not the legitimate thaisuzuki.co.th website is
compromised.

> As I get a 'WARNING' and do not actually go to the URL in question, I
> cannot understand the point you are trying to make here.


I am saying that almost every time you open a spam and click a spamlink
you are (potentially) profiting the spam process and that you should
stop behaving that way every step of the way.

Don't let the spam in; don't read the spam subject/from receptively;
don't open the spam and read it receptively; don't click the link to
(try to) go there.

And incidentally, don't encourage others to click on links that you
don't know what is there because you have not done the necessary
research to find out what it there. It has nothing to do with
sandboxes. It has to do with your ill-advised behavior.

The name of this group says 'computer.security' and your spamhandling is
not wise computer security and it is not wise netizenship because you
are aiding the bad guys who profit from the spam processes.

--
Mike Easter

 
Reply With Quote
 
kristlebawl
Guest
Posts: n/a
 
      12-02-2009
~BD~ expressed an opinion:
> I'm not at all interested in reading the body of any SPAM message. I
> want to know if other folk are being warned of Phishing sites in the
> same way as I am. That's all!
>
> As I get a 'WARNING' and do not actually go to the URL in question, I
> cannot understand the point you are trying to make here.


Your curiosity is reasonable, but your test is not. Less experienced
hacker hopefuls have tried to trick people into "checking" security with
websites that attempt to bypass security and install malware, as a way
to test their hacking ability.

Most reasonably experienced Usenet users are not going to click that
link, especially here. Those that will, though, are probably not
interested in satisfying your curiosity, so they are unlikely to reply,
except to tell you what is wrong with your inquiry.

--
KristleBawl
If you tell the truth, you don't have to remember anything. - Mark Twain
Taglines by http://tagzilla.mozdev.org
 
Reply With Quote
 
Mike Easter
Guest
Posts: n/a
 
      12-02-2009
~BD~ wrote:

> Whilst here, if one looks at *this* thread - on Google Groups -
>

http://groups.google.com/group/alt.c...e_thread/threa
d/888250bb7d11d20e?hl=en#
>
>
> The first two posts are 'missing' from the thread. Any clue as to why
> that might be?


Your message is html which may have caused it to be filtered. Or
perhaps it may have looked like spam to some filter. My message is
plaintext and looks less like spam, so that explanation doesn't work for
the 2nd post.

GG is a very very flawed archiver of usenet. It 'generously' archives
tons and tons of spam - see the spam which appears in the listing of
this groups topics for the same timeframe
http://groups.google.com/group/alt.c...y/topics?hl=en

.... while 'incompetently' failing to archive all of the thread you have
referenced.

While posts are fresh, they can be accessed faster/better by using the
message id in a capable newsagent - some agents can only access the
individual messages by mid, while others can access all of the thread
given an mid of one of the thread.

Both posts missing in the GG system are individually accessible via
Howard Knight's mid system.



--
Mike Easter

 
Reply With Quote
 
♥Ari♥
Guest
Posts: n/a
 
      12-04-2009
On Wed, 02 Dec 2009 12:51:57 +0000, ~BD~ wrote:

> I appreciate and understand you detailed and helpful reply, for which I
> thank you.
>
> Regrettably, you have failed to answer my question!
>
> Do the security features on *your* machine give you any sort of warning?


Don't need to, I have a built in Idiot/Troll Meter which is going off
like a fooken air raid siren right now.
--
A fireside chat not with Ari!
http://tr.im/holj
Motto: Live To Spooge It!
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Phishing site - Warnings from Google: Are YOU warned? Jim Watt Computer Security 8 12-06-2009 05:10 AM
Re: Phishing site - Warnings from Google: Are YOU warned? anders Computer Security 2 12-05-2009 10:30 AM
Re: Phishing site - Warnings from Google: Are YOU warned? Mike Easter Computer Security 0 12-03-2009 01:43 PM
Re: Phishing site - Warnings from Google: Are YOU warned? Mike Easter Computer Security 0 12-02-2009 05:58 PM
use warnings; and use Warnings; give different results Ted Sung Perl Misc 1 08-30-2004 10:22 PM



Advertisments