Let's finish phishing

Aug 17, 2009
  1. If you receive a dodgy Email from your bank, you look it over and say 'ah-ha', and delete it. No, you're not going to get caught in a phishing scam!

    But many people do. And one reason why it is so easy to catch them is because only the suckers, the newbies and those who had a momentary lapse of concentration get caught. Gee, doesn't that make it easy for the phishers?

    Now, what do these bozos do to honest internet businesses that don't pay their extortion fees??? Why, they'd send masses of useless replies to your business and make it impossible for you to tell the genuine inquiry from the masses of fakes. That is, if the masses of Email didn't swamp your server.

    Hey, are you thinking what I'm thinking? Haven't we been making it just a little tooo easy for the phishers by deleting their bait and making sure their servers are squeaky clean with nothing but the targets replying???

    So here is how we turn the tables.

    1) Check to make sure the message isn't from the bank and is virus free;
    3) Reply to the Email with realistic sounding names (that's plural ~ why stop at one???), fake credit card numbers etc;
    4) Send a message to all of your friends to do the same;
    5) Another phisherman bites the dust :)

    Note that it is illegal to launch a denial of service attack. On the other hand, it is perfectly legal to reply to an Email, so make sure you and your posse stay within the law.

    I'd be interested in any feedback :)

  2. jobeard

    jobeard TS Ambassador Posts: 11,122   +982

    oh goody; A reply validates that they have my email address (which a delete does not), and if I CC my friends, it gives their email addresses away too :(

    btw; if you must copy all your friends with chain mail junk, PLEASE use the BCC line instead of the CC line. The BCC will hide all those copied and make it appear that the email was from you and to only them.

  3. RKS

    RKS TS Rookie Topic Starter

    Not perfect but getting there...

    Yes, that is a hazard. But if you received the Email through your ISP's spam filter (if your ISP filters spam) then they have your Email address anyway.

    Email addresses (mailing lists) can be purchased.

    There are several workarounds that I can think of (maybe others can come up with others):
    1) change the return address on your Email;
    2) Open a free online account for the purposes of replying to phishing (there are a number of free services which you can simply close when you're done);
    3) Email from an internet cafe or some other third party provider.

    I like No.2 the best.

    Yes, BCC. Perhaps best to warn friends of scam Email and suggest as per above rather than sending them the original fake email?

Topic Status:
Not open for further replies.
