phishing email

Posted: Tue Oct 26, 2010 2:08 pm
by unclejohnny
Hi, I have just received a phishing email from the USA Tax Dept (besides the spelling mistakes) this made it easy to spot.

But what concerns me is that the cc listed twenty (20) Exetel members' email addresses.

All starting with the letter "B" and appear to be genuine email addresses. (see below)

How would they have so many Exemail addresses?

If they have 20 addresses starting with the letter "B", does this equate to 26 x = 530 exemail addresses?

Johnno

This is a sample of the addresses ... I have altered them to protect the members:

bpsta***@exemail.com.au; bradl***@exemail.com.au; braggsav***@exemail.com.au; bre***@exemail.com.au; bren***@exemail.com.au; brettan***@exemail.com.au; br***@exemail.com.au; brui***@exemail.com.au; bryan***@exemail.com.au ... etc etc etc

Re: phishing email

Posted: Tue Oct 26, 2010 2:30 pm
by Klaas
When spammers send email, they send to just about every combination of letters they can come up with.

You simply got some where they started with "b", and there will be a damn sight more than 20 - that's all they cc'd on the one you received.

Re: phishing email

Posted: Tue Oct 26, 2010 2:34 pm
by CoreyPlover
unclejohnny wrote: How would they have so many Exemail addresses ?

Any number of ways, including harvesting from public pages, to simply brute-force guessing. For instance: a simple Google search reveals perhaps 6 Exetel pages, followed by pages with a public exemail.com.au email address. Most are businesses, but I'm sure there are many personal addresses in there too.

unclejohnny wrote: If they have 20 addresses starting with the letter "B", does this equate to 26 x = 530 exemail addresses ?

Even if they do, that isn't that many. Most spammers would spew their spam out to thousands upon thousands.

Users will always be at the mercy of phishing and spam. It is ultimately the individual's responsibility to: 1. Protect their identity by restricting the publishing of their details on public pages and 2. identify phishing threats and ignore / delete them without responding (as you have just done)

Re: phishing email

Posted: Tue Oct 26, 2010 3:07 pm
by Dazzled
Wot Corey sez.... I just harvested 95 separate exemail addresses from a simple search. You can also practically guarantee that the pests will use every name that is a dictionary word.

Most phishing depends on html email, (fostered by a large US software company, but utterly contrary to the standards) where not only misleading graphics can be displayed, but also falsified links. If you turn html display off in your client most of this garbage simply looks pathetic, even with good spelling.

If you must run risks, one thing that can alert you to suspicious html links is to always run a user javascript in your mail client, if it supports it, that checks the html link text (usually innocent) against the true hyperlink address (the crim's real postbox or web site). There are a few published online - most will display a warning icon on the page (red flag, etc), or pop up an alert message, when there is a difference.

Some clients can compare your mail's origin and links with a register of known phishing URLs, e.g., see http://www.phishtank.com/ (OpenDNS) or http://news.netcraft.com/ and warn appropriately.
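
An added example, not part of the thread or any poster's code: a sketch of the link-text check described in the post above, comparing the host a link displays with the host its href actually points to. The function names and the sample message are constructed for illustration, and regex extraction stands in for walking the rendered DOM in a real mail client.

```javascript
// Added example: flag links whose visible text names a different host than the href.
// Anchors are pulled out with a regex to keep the demo self-contained; a user
// script inside a mail client would iterate document.links instead.
const ANCHOR = /<a\b[^>]*\bhref\s*=\s*(["'])(.*?)\1[^>]*>([\s\S]*?)<\/a>/gi;

const stripWww = (host) => host.toLowerCase().replace(/^www\./, "");

// Return the host named by a piece of link text, or null when the text is not
// URL-like ("Click here" makes no claim about a destination).
function hostOf(text) {
  const t = text.trim();
  if (!/^(https?:\/\/)?[a-z0-9-]+(\.[a-z0-9-]+)+([\/:?#]\S*)?$/i.test(t)) return null;
  try {
    return stripWww(new URL(/^https?:\/\//i.test(t) ? t : "http://" + t).hostname);
  } catch {
    return null;
  }
}

function findMismatchedLinks(html) {
  const warnings = [];
  for (const m of html.matchAll(ANCHOR)) {
    const href = m[2];
    // Drop nested tags (<b>, <span>, ...) and collapse whitespace in the link text.
    const text = m[3].replace(/<[^>]*>/g, "").replace(/\s+/g, " ").trim();
    const shown = hostOf(text);
    if (!shown) continue;
    let actual;
    try {
      actual = stripWww(new URL(href).hostname);
    } catch {
      continue; // relative or malformed href: nothing to compare against
    }
    if (shown !== actual) warnings.push({ text, href, shown, actual });
  }
  return warnings;
}

// Constructed sample message body (reserved example domains, not real senders).
const SAMPLE = `
<p>Dear taxpayer, review your refund at
<a href="http://refunds.example.net/login">www.tax-office.example.gov</a>.</p>
<p>Help: <a href="https://www.tax-office.example.gov/help">tax-office.example.gov/help</a></p>
<p><a href="http://refunds.example.net/x">Click here</a></p>`;

for (const w of findMismatchedLinks(SAMPLE)) {
  console.log(`WARNING: text shows ${w.shown} but link goes to ${w.actual}`);
}
```

Only the first link is flagged; the "Click here" link passes because its text names no host, which is why this check complements rather than replaces a lookup against a register of known phishing URLs.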