TechBlog
leaflet
Latest:
#js1k entry finally complete - AsciiBrot1K:http://urlm.in/flii - from T-SQL to JavaScript and then down to just 1KB of hand-compressed code
Main
Home
RSS Feed
Archive
Log In
Search this blog:
Recent Posts
Motorola Europe, I Challenge Thee
Windows file sharing stupidity
Ubuntu 10.10 and laptop touchpads
Android issue 8636 - "Can't establish a reliable data connection to the server"
Smoothwall, cbq.init and bugs
Categories
Ubuntu
Linux
PHP
JavaScript
Web design
Rant
Web development
Interface design
Links
Help fight spam

More Phishing

Posted on 6 March, 2008 by maximinus
Over the past few weeks, I'd received a couple of identical phishing emails, targetting customers of a Canadian bank.  The emails have a spoofed sender address of abuse@<target bank's domain> - and the first couple of times, I just let it go, because I couldn't be bothered reporting it (and I hadn't realised that it was a bank).

Yesterday, I received yet another one.  I decided that since it was still going on, I should report it.  I forwarded the email (as an attachment, to preserve full headers) to abuse@<bank's domain>, with a note explaining what it was.  I then went to bed.

This morning, I checked my email, only to find a failure notice from my mail server, informing me that the bank's mail server had rejected my message:
Remote host said: 550 This message contains a virus
(Phishing.Heuristics.Email.SpoofedDomain)
It's great that their server has detected a phishing email - but how can I report the phish, if their mail server won't accept the message?  I guess I'll just have to give them the full headers and the message content sans-link...
Currently listening to: She Is My Sin - Nightwish
No comments have been posted on this entry.
Post a comment:
Sorry, comments have been disabled.