Re: Phishing site - Warnings from Google: Are YOU warned?

Discussion in 'Computer Security' started by anders, Dec 3, 2009.

  1. anders

    anders Guest

    Wed, 02 Dec 2009 20:47:17 +0000 wrote ~BD~:


    >> Wed, 02 Dec 2009 09:26:31 +0000 wrote ~BD~:
    >>
    >> ....
    >>
    >>> ** This is the URL to which one is directed above:
    >>>
    >>>

    >> ....
    >>
    >> I can understand if you're curious, but you should not click, open, or
    >> even respond to this kind of mail.
    >> Better if you make sure to use a good spam filter to, at least throw
    >> them directly into the trash and that you empty it every time you close
    >> your email client or, better, delete them. As already noted in the
    >> thread so you can open up and look at the source code, which should be
    >> enough to determine what kind of letter it is. Naturally I only react
    >> when one of these mail purporting to come from my ISP, and then by
    >> ensuring that they will be deleted before they are sent to one of all
    >> those who use our domain. Otherwise I do not care unless someone wants
    >> me to.
    >> As you can understand, I will not try the link, it is totally
    >> uninteresting.
    >>
    >> /Anders
    >>

    > I appreciate your post. Thanks.
    >
    > How will I ever be able to determine if other folk do/do not get the
    > same warnings I do ...... if nobody will 'test' something to find out
    > what might happen?


    You will not and there is no need for it.
    Just throw away and forget it.

    One reason to never click on links in such emails is that you then
    confirm that your address is a valid address.
    And that will only result in that you get more shit-mails and also so
    your address will be salable to other bot-nets.

    /Anders
    anders, Dec 3, 2009
    #1
    1. Advertising

  2. anders

    anders Guest

    Thu, 03 Dec 2009 14:00:44 -0600 wrote Moe Trin:

    > On Thu, 3 Dec 2009, in the Usenet newsgroup alt.computer.security, in
    > article <hf82d1$mhg$>, anders wrote:
    >
    >>You will not and there is no need for it. Just throw away and forget it.

    >
    > Why are you even downloading the crap in the first place? Are you using
    > some web mail service because the web browser is the only application
    > you can figure out how to operate? The POP or IMAP protocols permit
    > downloading headers ONLY, and that should be enough for a dumb script or
    > similar to filter (and delete on the server) unwanted mail. To bad your
    > web ``tool'' doesn't have that capability. The only spam I see has made
    > it past that style of filter, and I want to see it (as raw text - I
    > don't need to see the shade/color of chalk the sender used to create
    > the mail) so I can fine-tune the filter.
    >


    I'll pick only the letters found on the server provided by my ISP, which
    in it's turn is supplied by the company my ISP buys the service of (if
    you want to bark at anyone bark on them, not me, I'm just a
    customer ;-) ).
    What I do is mostly nothing more than see that something ended up in the
    trash, and this in it's turn will be deleted when I close Thunderbird.
    The filter is self-learning and are doing really well, better than
    expected.

    >>One reason to never click on links in such emails is that you then
    >>confirm that your address is a valid address.

    >
    > No, the mail server didn't reject the "RCPT TO:" command during the SMTP
    > stage, so either the idiots running the mail server are totally
    > incompetent (and should be shot) or the address exists.
    >
    > The reason not to click on the link OR EVEN TRY THE URL MANUALLY is that
    > this action proves not that the address is valid, but that there is an
    > absolute fool who READS the crap that is sent to that address. Wow -
    > this must be a sucker who WANTS this kind of shit.
    >
    >>And that will only result in that you get more shit-mails and also so
    >>your address will be salable to other bot-nets.

    >
    > I haven't bothered looking lately - what is the current price of a
    > "Millions" CD - or are they DVDs now? (After all, a CD will only hold
    > 676 million bytes, and that's only 15-20 million email addresses of
    > proven fools.)
    >
    > Old guy


    I do not know, do not care. But surely a few cents per address.

    /Anders
    anders, Dec 3, 2009
    #2
    1. Advertising

  3. anders

    anders Guest

    Thu, 03 Dec 2009 21:03:49 -0600 wrote Moe Trin:


    > If your mail tool speaks POP or IMAP (standards that predate the web),
    > it speaks to the mail server in a very simple language of less than 20
    > four letter commands. One of those commands is 'DELE' which takes one or
    > more arguments (message numbers). That command tells the mail server to
    > delete that message. Obviously you used a different command like 'TOP'
    > or 'LIST' to see the headers (and perhaps a few lines of the body). The
    > majority of spam is trivially identified looking at those headers.
    > Download to the trash? Why bother?


    I have found a predefined filter rule that will allow me to delete
    directly on the server.
    Should be the GUI-equal to what you call 'DELE'.
    As it looks like, it has already deleted 3 junk mail directly from the
    server, so thank you for telling me about the DELE-option.
    I had probably not been looking for this option otherwise.

    >>> I haven't bothered looking lately - what is the current price of a
    >>> "Millions" CD - or are they DVDs now? (After all, a CD will only hold
    >>> 676 million bytes, and that's only 15-20 million email addresses of
    >>> proven fools.)

    >
    >>I do not know, do not care. But surely a few cents per address.

    >
    > The prices several years ago were on the order of 15-20 million
    > addresses for US$250 - if you do the math, that's about 700 for a single
    > cent. Selling addresses is not a lucrative business. What seems to be
    > more common today is using dictionary attacks (where the bad guy takes a
    > list of common names such as a telephone directory and tries variations
    > of those names) and the common viruses (that read your address book to
    > get a list of names you know to be valid). The whole world knows there
    > are millions of idiots out there who will auto-run anything that has a
    > URL. 'bot-nets use that technique fairly frequently - recall the bad
    > guy doesn't pay for the computer time in 'bots'.
    >
    > Old guy


    As you notice, I know nothing about this kind of buying/selling
    addresses, or this spiders that crawl around on the net collecting
    addresses from all kinds of public servers on the net.
    You should probably not try to let silence kill any problems, but with
    spam, I am not so sure about that...

    /Anders
    anders, Dec 5, 2009
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mike Easter
    Replies:
    5
    Views:
    1,570
    ♥Ari♥
    Dec 4, 2009
  2. Mike Easter
    Replies:
    0
    Views:
    1,214
    Mike Easter
    Dec 2, 2009
  3. Jim Watt
    Replies:
    8
    Views:
    1,522
    Mike Easter
    Dec 6, 2009
  4. Mike Easter
    Replies:
    0
    Views:
    1,185
    Mike Easter
    Dec 3, 2009
  5. RichA
    Replies:
    2
    Views:
    160
    Sandman
    Sep 2, 2013
Loading...

Share This Page