Gadi Evron wrote:
The guy mentioned the concept of sending warning emails to customers to begin with. His opinion is that it is a mistake, and only causes confusion. On top of that it raises support desk costs as people call in for explanation, as well as to report new fraudulent emails they see while in the past they mostly just ignored them.
The earliest warning email we sent out to customers was: # Date: Mon, 11 Aug 2003 15:34:43 -0500 # Subject: New Virus Warning #... # There is a new virus spreading around the internet. It has a subject like # "your account" and it has the following text in it: # # > I would like to inform you about important information regarding your # > email address. This email address will be expiring. # > Please read attachment for details. #... I don't remember an uptick in support calls after that message, but there were plenty of calls about the phish message itself, so we hoped that sending a warning to everybody would reduce the problems. We'd had a user taken over, and then the account was used for so much spam that the bounce messages totally filled the incoming mail (filter) server.
I appreciate your feedback, I had no idea ISP phishing goes all the way back to 2003..
Ha! Goes back much farther than that! The earliest I have at my fingertips (saved email on this laptop only goes back to 1999): # DATE: 27 Dec 00 7:43:14 PM # SUBJECT: re: your account # That was a web phish at hxxp://vaginaonline.com/a.usertrack2781.75/5/ And they were obviously tracking exactly which users responded! You'd think our customers would notice that domain wasn't us. ;-) But even today, it's a security problem that users don't notice the URL they're clicking, or pay attention to security warnings less subtle than a big gray popup dialog box....
although dictionary attacks may not be best defined that way. Definition discussions are boring though.
I meant that they tried every word in the dictionary for user names, maybe every combination of letters and numbers. Anyway, I was wrong about the most recent one that I'd saved. Who could forget the especially virulent (976 Google hits): # Date: Tue, 16 Mar 2004 10:59:13 +0100 # Subject: Important notify about your e-mail account. Anyway, none of this helps you with researching non-English ISP phishing. But it shows that this isn't a /new/ problem around here.