So I get phishing spam, just like everyone else. The emails come, from PayPal which I don’t have, with headers that are mis-spelled, and the Click here to check your account has hover over text of <www1.werobstupidpeople.xyz>. So I don’t follow it.
I can put it in the spam folder, and Yahoo moves it, and it might help them auto-detect spam. They used to be better at that than they have been lately.
Anyone else? Is there a clearinghouse building a database of the domains they select for their spam. I got one today, that seemed pretty sophisticated, the hover-over text didn’t give me a hint at all. Only one character, in the whole email, gave it away.
Is there anyplace I can send that to? Anyone working on this? Bueller?
spamcop.net has an automated reporting tool. You copy/paste the raw e-mail, and it filters the header to find the true source, and also looks at the spamvertised sites, and send reports to their hosting service.*
However, some places do not accept spamcop reports.
You can also forward the entire e-mail to the Federal Trade Commission at spam@uce.gov
*ETA - providers used to send back reports when they deleted accounts and websites over spam. I had a fairly good collection back in the day.
Many internet security suites used to include some form of anti-spam protection, so you could report it to the security vendor (McAfee, Norton, etc). Some vendors leave that functionality to ISPs now (and many people don’t get security suites). If you have a security suite, you can check your dashboard for a report function.
Hotmail has a ‘report phishing scam’ function which serves the same end-user function as just junking the message, but contributes to future improvement of mail filtering.
Does Yahoo not have anything like this (in the native webmail interface)?
Gmail has a “report spam” button. It removes the e-mail from the inbox and moves it to the spam folder. It also connects to the gmail host, but I have no idea what transponds there. I have no idea if this gives google something they can really work with.
Not sure how it can help anyway. Spams always have falsified headers, and they’re always different. So it’s not clear how google can build a black-list of that. However, reported spams may provide more data for their automated AI filters to learn from.
I don’t think Yahoo mail has a one-button report. I used to formally report emails forged from myself to myself and others to Yahoo, because those really upset me-- 5 years ago. Now such things are so commonplace no one cares. Yahoo certainly didn’t seem to care back then. The one button Spam folder option remains in Yahoo.
This second email really bugged me. The hover-over text was an anonymized link, like you’d expect from a banking site. All links seems clean, header seemed clean, just in one tiny spot, once, a letter ‘k’ used where it was not needink. If that wasn’t there …
Well, I still wouldn’t have clicked because I don’t use Bank of America. But if they had used my bank’s name … No, that wouldn’t have worked either, because I don’t online bank.
But still. I want to do stuff online. Meh. That’s besides this point. I’ll be sure I share really bad emails with the groups mentioned, before I spam report to Yahoo.
Google potentially has more information than that - in order for the message to have arrived in Gmail, it has to have come from somewhere - and that process involves a small number of things that can’t be spoofed - the IP address of the sender, for example - not terribly helpful as it may only be the temporary IP of an infected PC, but taken together with the analysis of the message content, it probably helps a bit.
True, but the header can be deconstructed and the source found. Some part of the header must be true. That’s what spamcop does - it processes the header, finds the true source, and generates a report.
For a long time, many of the more commonly-spoofed network entities (i.e., the companies that the phish email purports to be from) were interested in having phishing emails forwarded to them for their awareness. (For instance, they’d sometimes put up examples on their “how to recognized you’re being phished” customer support webpages.)
Not sure if most bother any more, although Blizzard’s phishing notice web page still says “If you receive a phishing email, please forward it to hacks@blizzard.com. Copy and paste the entire email header into the message body so we can identify its source.”
Whatever it is that Google does seems to work very well, as I haven’t gotten a single spam in my inbox since I signed up about six years ago, and I don’t know of any instances where a legitimate e-mail has be incorrectly junked. I’m sure that one does still occasionally get through, and if you report it, they probably use it to improve whatever they’re doing further (and the current system is probably the result of many such improvements already).
“Semi-automated” might be a better description of that process, since it still requires a lot of tedious manual copying and pasting. Spamcop does have a fully automated reporting service that you can use if you’re trustworthy and technically competent enough. I’ve set up my e-mail client so that all e-mails that trip the spam filter with a high enough score are automatically sent to Spamcop. Any spam I get below this threshold I can manually report with a keystroke.
except for an email from the provider of the service (formerly yahoo, now google), I’ve never recieved an email i wasn’t expecting. that’s 17 years of no spam, no phishing, no nothing.
Bumping because I just found an odd one in my spam folder. I guess they’re pretending to be Google, due to using Google’s street address at the bottom of the email, but there’s no clue otherwise.
Is there a Google address I can forward this to? All I can find is a way to report Gmail phishers; I’m not on Gmail, nor is this from a Gmail account.
For cases like this you can usually use SpamCop, which is mentioned upthread. Not only do they take care of reporting spam and scams to the mailer’s ISP, but they will also check the message body for “spamvertised” URLs (to websites that the spammer is advertising or using to host phishing sites or impersonating an association with and, if possible, notify the webmaster’s ISP.
Of course, this won’t work if the message contains only a street address. In this case you can always fall back to forwarding the mail to abuse@google.com with an explanatory note. Technically every holder of a domain name used for e-mail is required to maintain an abuse@… address for receiving reports of abuse. However, this requirement is widely ignored, and in the case of Google it’s a virtual certainty that no human will ever read anything sent to their abuse@… address.
not only should you be checking the inbox … but also the spam ‘n trash folders. email filters occasionally miss a legitimate email or three … ending up in either the spam o’ trash folders. veritably, i usually check each of those folders once a week.
as to the onload 'n onhover 'n onmouseover principles … i choose to avoid 'em as much as possible. [i.e. i typically don’t even read the emails … if i have an account with the purported institution, i simply log into their website and do my commerce therein.]
i have been known … to actually physically ‘type’ the reference*(s)* into notepad from what my eyes see … rather than relying on copy/paste functions. in my mind … it’s too risky taking chances … might accidentally click something o’ whatever. the way i see it … if one human can create something … there’s at least one human trying to backward engineer for purpose of infiltrating o’ circumventing.