Results 1 to 7 of 7
  1. #1
    5 Star Lounger st3333ve's Avatar
    Join Date
    May 2003
    Location
    Los Angeles, California, USA
    Posts
    705
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Who'm I gonna call (or e-mail)?

    I got phished today for the first time. The e-mail claims to be from the Amazon Billing Department and it tells me I need to click on the provided link and "renew" my account information within 48 hours or my account may be suspended. The provided link appears to be an amazon.com sub-page but actually links to http://66.160.154.156/catalog/amazon/index.html, which Symantec's Visual Tracking ID's as Peek-A-Book-Store.com.

    My question is: Is there some law enforcement authority I can report this IP address to for prosecution or other appropriate action?

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Who'm I gonna call (or e-mail)?

    Generally I foward phishing messages to my spam filtering provider (Postini) with a copy to the abuse address for the site's host. In this case, that would be Hurricane Electric, abuse@he.net (see http://ws.arin.net/whois?queryinput=66.160.154.156). In Outlook, it's a bit tricky to forward with all the headers, but if you copy the message and paste it into a fresh one, those should be preserved.

  3. #3
    5 Star Lounger st3333ve's Avatar
    Join Date
    May 2003
    Location
    Los Angeles, California, USA
    Posts
    705
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Re: Who'm I gonna call (or e-mail)?

    Thanks for the prompt reply. I'd already reported the e-mail to abuse@he.net, but that's the same thing I do for garden-variety hacker attacks when Norton detects a trojan horse intrusion attempt. I've always assumed that the only consequence that ever followed from one of those reports (and maybe only in my dreams) was that that particular ISP would refuse to continue providing service to the hacker.

    I think of phishing as something that law-enforcement should be going after, and hoped I could trigger something along those lines. Would Hurricane Electric be under any obligation to report the phishing attempt to some kind of police?

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Who'm I gonna call (or e-mail)?

    There probably are other places to report, but I've never taken the time to check. Perhaps the U.S. Federal Trade Commission?

    The FTC page "<A target="_blank" HREF="http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm">How Not to Get Hooked by a

  5. #5
    5 Star Lounger st3333ve's Avatar
    Join Date
    May 2003
    Location
    Los Angeles, California, USA
    Posts
    705
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Re: Who'm I gonna call (or e-mail)?

    Thanks again for your help. I've now forwarded the e-mail to spam@uce.gov and also filled out a phishing report at Amazon.

    I promise not to expect prompt action. I understand our government is a little busy tracking phone calls at the moment. <img src=/S/grin.gif border=0 alt=grin width=15 height=15>

  6. #6
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Who'm I gonna call (or e-mail)?

    I got one last week, "pretending" to be from Chase. I contacted Chase at the address actually on my credit card and sent the message to them. They promised to investigate but I know I'll never hear from them again. I didn't send anything to UCE.GOV but would be interested if you ever DO hear from anyone.

  7. #7
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Who'm I gonna call (or e-mail)?

    At work I installed a very good "spam pre-processor" program which looks at incoming messages before they pass through to our Exchange server. One of its features is to compare the visible website address for links with the underlying HTML address data, and it throws up a "possible phishing attempt" error if there is a mismatch. Probably the new IE7 anti-phishing feature is similar? The usual give-away is that you don't have an account with that institution!

    I forwarded one of these emails to the appropriate bank, and they said that the phishing website had already been taken down -- but I don't know how soon this was after the first emails were sent out.

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •