Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

317 comments

LOL CUMMING (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#15334831)

LOL CUMMING

fp (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#15334832)

fp! go team!

So... idiots get taken for their money? (3, Insightful)

KIFulgore (972701) | more than 8 years ago | (#15334851)

At what point in history was this not a problem? Can't say I'm surprised...

Re:So... idiots get taken for their money? (5, Insightful)

SupremeTaco (844794) | more than 8 years ago | (#15334991)

Problem is, people often mistake unwanted email for unsolicited email. I don't want to hear from Travelocity every week, with their weekly specials. It's unwanted, but I can cancel their letter if it gets irritating enough. The V14Gr4 ads, are not easily (or at all) cancellable. When you blend the two types of emails, people do tend to misclassify them.

Re:So... idiots get taken for their money? (3, Informative)

KIFulgore (972701) | more than 8 years ago | (#15335075)

That is true, I get more "unwanted" emails than "unsolicited" (though I always look forward to daily /. updates). I do feel bad for people that think they can just take their PC home, plug it in, and start using it like a toaster or washing machine. My parents repeatedly ask me if there's a program I can install, or a filter I can set up, to "get rid of all the spam." First off, I'm sure I'd be a billionaire if I could do that. Secondly, it's tough to make people (especially parents) understand there's nothing "magic" about a spam message that marks it as such. It's just another dishonest and/or annoying scam artists, the likes of which you run into every day. Hard for people to keep in mind there's other people at the end of that inter-web wire... not all of them friendly.

Re:So... idiots get taken for their money? (0)

Anonymous Coward | more than 8 years ago | (#15335220)

It has nothing to do with they are idiots but more that they do not know the Internet or why it would be a fake e-mail in the first place. If someone knocked on your door and in a cable-service uniform with badge attached. Then how would you really know if he knocked on your door for a real reason or if it was just someone who wanted to have a look in your home? (Yes, I know you normally call them first - But just an example)

People aren't all idiots. Just un-educated (like my English - Sorry :) )
 

Most Phishing Is Simple To Stop (0)

Anonymous Coward | more than 8 years ago | (#15335238)

Most phishing entails taking a user to non-SSL protected site, and if they do not look for https in the address bar or lock on the bottom status bar its their own fault for not doing a little research before entering in the ID and password.

This really shouldn't be a surprise (1, Insightful)

DaHat (247651) | more than 8 years ago | (#15334853)

While it would be nice if there was a test or three that a person was required to take in order to do anything online... the fact that anyone is able to buy a PC and plug it into the internet means that there are a lot of... uninformed people out there.

It's the same group that replies to spam messages asking to be removed, purchase from spammers and leaves their PC's connected 24/7 without spending anytime to patch it.

So long as these people exist, nothing should be a surprise as to the effectiveness of phishing and other such areas.

Re:This really shouldn't be a surprise (-1, Troll)

Anonymous Coward | more than 8 years ago | (#15334908)

That, and idiots that spell 'Internet' as 'internet'

Re:This really shouldn't be a surprise (4, Insightful)

maxwell demon (590494) | more than 8 years ago | (#15334925)

Ah, and by the way, there are many people falling for fraud on the front door. We really shouldn't allow people to open the front door if they have not passed a test or three. The fact that anyone is able to open his front door means that there are a lot of ... uninformed people out there.

Re:This really shouldn't be a surprise (4, Interesting)

gstoddart (321705) | more than 8 years ago | (#15334960)

While it would be nice if there was a test or three that a person was required to take in order to do anything online... the fact that anyone is able to buy a PC and plug it into the internet means that there are a lot of... uninformed people out there.

That might be a little harsh. We're seeing increasingly sophisticated phishing stuff -- right down to building a look-alike site of the bank which they are pretending to be.

I think it's getting increasingly difficult for even people who know what they're looking for to spot.

Yes, people need to learn the basics of how to spot and avoid spam and phishing. But, the increasing sophistication of the bad guys makes it a difficult thing to always identify.

Cheers

Re:This really shouldn't be a surprise (0)

Anonymous Coward | more than 8 years ago | (#15334968)

While it would be nice if there was a test or three that a person was required to take in order to do anything online... the fact that anyone is able to buy a PC and plug it into the internet means that there are a lot of... uninformed people out there.

Well if the big telcos have their way, the only way you'll be a content provider on the internet is if i you pay them big bucks!

Rich companies never mislead customers, so nothing can go wrong!

Re:This really shouldn't be a surprise (5, Insightful)

NoTheory (580275) | more than 8 years ago | (#15335016)

I think a lot of people are being unfair. With instructions like this on SpamOrHam:
Please read the message below, enter the verification code in the box (if asked) and then click one of the three buttons. If you think the message is a spam click This is Spam, if you think it's a genuine message click This is Ham, and if you are not sure click I'm not sure. You are seeing the message as displayed in Microsoft Outlook and the raw message as it is seen by your email program. In the raw message, first the headers are shown (with From, To and Subject highlighted in bold) and then the body of the message follows colored blue.
I don't see how you could possibly think that the results of such a website could be meaningful. Spam filtering is a contextual process. This site cripples the critical component that allows humans to behave differently from naive filters, i.e. judgement based on memory. The claim being made here is that humans can't identify other people's spam (and this makes sense, how can you tell if you're shown a random email whether it's unsolicited or not? the only way you can is by knowing whether the recipient had been signed up for a mailing list or not!). You should NOT conclude, based on that fact, that humans are bad at identifying their own spam.

Re:This really shouldn't be a surprise (0)

Anonymous Coward | more than 8 years ago | (#15335168)

It's the same group that replies to spam messages asking to be removed

My father (older gentleman in his 60s) used to do this a lot. He eventually figured out that it is not going to work and he thought he was being clever by creating a junk email account and cussing them out. Little did he know that his IP was of course being sent in the header information and so now his primary account has more spam than ever. The moral of the story is to never reply to spam. Even if you think you are being clever by spamming them back or cussing them out. Simply let the spam filters do their job.

if it's done well, and some are (5, Insightful)

yagu (721525) | more than 8 years ago | (#15334854)

I've seen more sophisticated phishing examples by far, and some are indistinguishable from what might be the real thing. The distinguishing factor from a genuine missive is the best phishes have links to bogus addresses (sometimes denoted with only an IP address), and the destination site asks for information company's won't ask for from an e-mail.

One of the best phishes I've seen was sent to me -- it was ostensibly from my phone company, and it described a problem with my on-line bill pay (I don't). The letter was nicely formatted with the colors and icons of my phone company. The link was a giveaway, when I rolled over it, I could see the IP address, not a phone company web-site.

I researched this a bit more, went to my phone company's web site, and downloaded their graphics. A bit-for-bit comparison of their icons, etc., and the phishers showed them to be identical. (Interestingly, this puts phishers also in the position of being guilty of more crime: copyright violations.)

Had my suspicions not been raised by the fact I wasn't participating in on-line bill pay and the phish indicated that problem, and had I not seen the IP address by rolling over the link (which I only did because of above suspicion), I easily could have been convinced I was dealing with a real e-mail (NOTE: this was two years ago, before phishing had become real big, and it was my first incident.)

I can easily believe many, if not most could fall for well crafted phishing expeditions. I would agree with the cited article, those are weak examples unlikely to catch savvy users (though they still could catch the naive, of which there are millions!). (And, I would claim some of the examples really are nothing more than SPAM.)

Re:if it's done well, and some are (-1, Troll)

Anonymous Coward | more than 8 years ago | (#15334965)

Windoz lusers most likely, that sh*t just promotes stupidity.

*BSD 4 lyfe!

Re:if it's done well, and some are (5, Funny)

HunterZ (20035) | more than 8 years ago | (#15335090)

[i]Windoz lusers most likely, that sh*t just promotes stupidity.

*BSD 4 lyfe![/i]

Sounds like BSD doesn't help much in that department either.

Re:if it's done well, and some are (5, Insightful)

Asphalt (529464) | more than 8 years ago | (#15334966)

I can easily believe many, if not most could fall for well crafted phishing expeditions. I would agree with the cited article, those are weak examples unlikely to catch savvy users (though they still could catch the naive, of which there are millions!). (And, I would claim some of the examples really are nothing more than SPAM.)

I agree with you. Some are sophisticated, but the link is ALWAYS a give away. It is either some kind of redirect, an IP address, or a Bogus URL altogether.

Then again, how many people that use AOL know what an IP address is? 10 ... 20%?

Fine, they obviously do work.

But, this is what I don't understand ...

How do these people avoid getting busted? They have IP addresses that point directly to the fake server. Finding out who owns the servers and where it is should be fairly elementary.

I mean, Sony/BMG can track down the exact studio apartment in Chicago of someone who downloaded "Ooops, I Did It Again", but we have people conducting massive financial and wire fraud with blatantly displayed IP addresses, and we can't just go an snatch them by the by the head and give them a solid flogging?

Okay, so many are in another countries. But how many countries DON'T have laws against this?

Post a threat against the President, and the Secret Service would be at your door with K-Y and rubber gloves in 3 minutes and 21 seconds. Attempt global financial fraud, broadcast your IP, and everything is cool?

How do these people NOT get busted, and busted hard?

I don't get it.

Re:if it's done well, and some are (5, Informative)

FireFury03 (653718) | more than 8 years ago | (#15335053)

How do these people avoid getting busted? They have IP addresses that point directly to the fake server. Finding out who owns the servers and where it is should be fairly elementary.

Because the person who owns the server is almost always some home user who plugged their Windows box directly into the internet. In the same way as compromised boxes are used to send spam, perform DDoS attacks, etc they are also used to run web servers for phishers.

How do these people NOT get busted, and busted hard?

As much as I like the idea of throwing people in jail who have too little clue to secure their machines, I'm afraid I don't think it'll do a lot to stop the phishers.

Re:if it's done well, and some are (2, Insightful)

Asphalt (529464) | more than 8 years ago | (#15335139)

Because the person who owns the server is almost always some home user who plugged their Windows box directly into the internet. In the same way as compromised boxes are used to send spam, perform DDoS attacks, etc they are also used to run web servers for phishers.

Agreed. But wouldn't the ISP of the innocent user have some kind of record of where the fraud messages are being sent?

Earthlink (or whatever the ISP was) was able to tell the DC Police the exact locations that Chandra Levy pulled up on Mapquest.

Most likely the home user is plugged into a mainstream ISP ... and almost all do some kind of logging. I have a hard to believe that they couldn't figure it out to some degree. Or maybe the just sends email through 5 chained mixmaster remailers. I don't know.

These phishers have to be pretty darn good to get away without leaving any trace whatsoever.

Given their technical prowess, you'd think they could spell better.

At least 3/4ths of my phishing messages contain blatant typos or grammatical errors.

"Please to update your accont with Citibank". I mean ... come on.

Re:if it's done well, and some are (1)

flooey (695860) | more than 8 years ago | (#15335122)

Okay, so many are in another countries. But how many countries DON'T have laws against this?

It's not a question necessarily of whether there's a law against it. If a United States law enforcement agency called up Bulgaria and said "Hey, there's a guy running a phishing expedition from your country, send the cops out to their house!", what are they chances they'd do anything? In the whole scheme of things, they've got much larger fish to fry than someone duping Americans into giving away their credit card numbers.

Re:if it's done well, and some are (1)

Asphalt (529464) | more than 8 years ago | (#15335192)

In the whole scheme of things, they've got much larger fish to fry than someone duping Americans into giving away their credit card numbers.

When the banks and large corporations start hurting and eating more and more of this fraudlent activity, I have feeling it will be bumped up a notch or two on the priority scale.

The only reason it has not reached this level already is because many of the attempts to date have been very inept and amatuer.

As they get better and more sophisticated, success rates will inevitably go up.

Re:if it's done well, and some are (1)

alphafoo (319930) | more than 8 years ago | (#15335191)

I'm curious what happens on these phishing sites once someone actually does log in and submits account information. Does the site just link off to the original site, where the user then has to log in again in order to actually change their online bill pay option?

It seems that even if I got duped into believing that some email written in broken English was from my bank, and even if I went ahead and logged in to the phony site, once I got there I'd see that it wasn't really my bank's site. At that point I could change my account information or cancel my credit card or whatever, and the info the phishers had harvested from me wouldn't be of any use to them.

So in order for phishing to work, which I assume it does, it seems like we need 3 things from the end user.
1) Believe the email is authentic
2) Submit account information to phony site
3) Remain oblivious to anything being phishy about this site.

I guess with enough email volume, anything is possible.

Re:if it's done well, and some are (4, Interesting)

Asphalt (529464) | more than 8 years ago | (#15335246)

It seems that even if I got duped into believing that some email written in broken English was from my bank, and even if I went ahead and logged in to the phony site, once I got there I'd see that it wasn't really my bank's site. At that point I could change my account information or cancel my credit card or whatever, and the info the phishers had harvested from me wouldn't be of any use to them.

I have clicked on several obvious phish emailed specifically to see what happened.

I would usually enter completely bogus information into it like:

Usernname: Bunghole
Password: eatmenowyoubuttmuch

It would take me to a plain page that simply said "Thank you for verifying your information!" or somethign similar and generic.

Every now and then it would redirect me to the real site.

I've never actually gotten into anything that looked like an account site. Once you provide the username/password, they are done with you and the phish ends there.

Sometimes it is fun to play around with the phishing scams. If everone who knew what they were clicked on them, and provided useless and inaccurate info, Phishing scams would become so overhwhwlmed with usueless information that they just might have to come up with another idea.

Do your part! Screw with a scammer.

Re:if it's done well, and some are (0)

Anonymous Coward | more than 8 years ago | (#15335242)

I agree with you. Some are sophisticated, but the link is ALWAYS a give away. It is either some kind of redirect, an IP address, or a Bogus URL altogether.

This is incorrect. I've seen phishing mails in the past, that linked to domains that were very similar to the original, possibly with only some "1337-speak" thrown in, registered just days ago, and usually with large numbers of NS-entries spread all over the IP-space so as to make the domain more resillient to any of them getting taken down. I think one of them was "P0STBANK.DE" instead of "postbank.de", the bank with the largest numbers of customers in germany.

With ebay, things are even worse, since ebay themselves are spreading their operation to more domains than just ebay.com or ebay.<countrycode>, instead, there's ebayimaging.com, ebaythis.com and ebaythat.com. As of now, EBAYLOGINS.COM is still available for the first phisher with enough zombies and stolen credit cards at his hand.

Re:if it's done well, and some are (1)

zxnos (813588) | more than 8 years ago | (#15335008)

i have seen the paypal one a few times. i dont have paypal. as a result my rule is to never follow the link in any email. if i think there is something legitimate going on i will manually type in the web address for my credit card (or whoever sent the message) then see if there is some truth to it. seems reasonable to me.

Re:if it's done well, and some are (1)

DerCed (155038) | more than 8 years ago | (#15335013)

Thank god I only display emails as plain text.

Re:if it's done well, and some are (4, Informative)

aussersterne (212916) | more than 8 years ago | (#15335014)

I used to work inside eBay and saw some of the best-crafted phishes around. The phishers used to use our system to get as many official eBay messages as they could, just to be able to clone each of them and have a phish that was "real" in origin so that they could catch people. We gradually had to eliminate email that led back to the site. Some still presents a problem and is being exploited (i.e. the mail forwarding system that buyers/sellers use to communicate is currently being exploited by phishers).

One thing you didn't mention that might even get some slashdotters is that the "@" symbol in a URL is used by most browsers in a way (for authentication) that makes it possible to also spoof domains in a phish link. Try going typing this address (into your URL bar and you'll see what I mean:

http://www.ebay.com@64.236.24.12

Firefox presents a warning in this case because you're being redirected to a site that doesn't require authentication (CNN.com) yet you've provided authentication information. If the destination site (i.e. phish destination) had been crafted to require authentication and accept "www.ebay.com" as valid data, you'd get no warning.

Some of these URLs+site combinations had *very* well-crafted URLs using tricks like this that would almost certainly fool most users who had been told "don't click on a link unless it says it's going to 'ebay.com' in the status bar."

Re:if it's done well, and some are (4, Informative)

fishbot (301821) | more than 8 years ago | (#15335096)

Some of these URLs+site combinations had *very* well-crafted URLs using tricks like this that would almost certainly fool most users who had been told "don't click on a link unless it says it's going to 'ebay.com' in the status bar."

That's why this is flawed advice, and it's why I don't give it. Instead, I tell people that they should NEVER click the link, even if it looks genuine. Instead, they should open their browser, type in the address or click their bookmark, and log in to their account.

This will prove most scams immediately (e.g. if you can log in, then your account has obviously NOT been suspended ...), and the ones it doesn't will be easy to verify. If there is no warning that matches the email and you are still not convinced, phone them up or use the online support tools directly.

Basically, the rule is the same as for unsolicited phone calls: always be the one to initiate the communication. If you phone your bank using the number on your statement, then you've got through to the right place. If you type the URL on your statement into the address bar, you've got to the right place. If you let somebody else initiate the communication, either by phoning you, sending email, fax, or whatever, and you trust them not to lie, then you're as good as caught already.

Re:if it's done well, and some are (4, Informative)

tlhIngan (30335) | more than 8 years ago | (#15335186)

I've seen about two or three that were good.

The best one yet is where the target link went to a website, and through some javascript, put an image over the URL bar! The image had the right URL in it, and if you moved the window around, the image moved too (though, because it was javascript, the image movement lagged a bit, so depending on how fast you moved the window, you could see the real URL, then the image jumped over it). The reason I spotted it? the image was off by several pixels either way - I thought the text was a few pixels too low in the addressbar (and it was too far left - it went over the icon left of the URL bar). (This was in IE. In Mozilla/Firefox, when I could get it to work, the image was in the completely wrong place). That was probably 1 in 1000, though.

The other smart ones actually do verify the information you give them, too. I suppose for those, signing up with false eBay accounts and using that is good. (Good way to get rid of negative feedback accounts).

The less-good ones had an image that was clickable. Discovered only because text that isn't normally clickable is.

The vast majority are very poorly crafted emails, though. Spelling errors, sending more than one to the same email address (If you receive 3 or 4 Paypal or eBay phishes, it kinda gives the whole game away). And they don't hide the URL at all - just plain old non-redirector links. Phishing has reached the realm of the idiots.

Luckily, eBay and Paypal have several characteristics I've noticed in their legit emails:

1) If you use a separate email account for eBay and Paypal from your regular email, well, that is clue #1 if you receive an eBay or Paypal email in an account that isn't what you use for eBay and Paypal.
2) eBay emails will *always* include your eBay username in the email, not the email address. Paypal emails will include your real name as registered. This detail is almost always impossible to get directly unless you've conducted business with the target through eBay or Paypal.
3) eBay and Paypal use specific From addresses - all eBay item questions do *not* come from aw-confirm (that's only used by the bid confirmation system).
4) For eBay specifically, if you get a phish for an item, the item description is always included, while phishes just give you the item number (because the item description will tell you "fake" immediately). In addition, all eBay messages appear in the "My eBay" message section. If unsure, log in to eBay and check there.

Re:if it's done well, and some are (1)

Gospodin (547743) | more than 8 years ago | (#15335089)

The banks are somewhat complicit in this, I think, by using needlessly complicated URLs. I use Bank of America, for example, which I can access online at http://www.bankofamerica.com./ [www.bankofamerica.com] I click on Sign In, which redirects me to https://sitekey.bankofamerica.com/sas/signonSetup. do [bankofamerica.com] . After signing in, I'm redirected to https://onlineeast2.bankofamerica.com/gobbledygook / [bankofamerica.com] .

This is an easy one, especially for us geeks, because we know how to read a URL. But those URLs look like three completely different sites to the average user. In some cases, they actually ARE different sites, such as when a bank uses a separate company to provide some service.

I recognize that Bank of America is using the onlineeast2 subdomain instead of www in order to do load balancing, but aren't there other ways? Or, if not, couldn't they use www-1, www-2, etc., so the URL at least looks like www.bankofamerica.com?

Re:if it's done well, and some are (1)

slashflood (697891) | more than 8 years ago | (#15335112)

True.

Once, my girlfriend was sitting in front of her computer, fiddling with a bank statement, because she received an email from "our bank", stating that she should go to their online banking service. Allegedly, she should check a payment. To do so, she had to enter the account number and the PIN.

Fortunately, I saw her and could prevent her to click the submit button. I told her, that there is no bank in the world, asking customers to go online and enter those data. She'll never do that again.

Since this incident, I realized the phishing problem.

There's One rule I always Follow. (1)

Spy der Mann (805235) | more than 8 years ago | (#15334859)

do *NOT* manage business through e-mail! And if I have to, I'll make sure to add the involved people to my "safe list" or "address book".

(Actually, it also helps when 90% of your mails are in spanish :P )

Re:There's One rule I always Follow. (1)

gvc (167165) | more than 8 years ago | (#15334918)

(a) Avoiding the use of email for business is surrending to the s[pc]ammers.

(b) Do you have a trustworthy white list? I doubt it.

Re:There's One rule I always Follow. (1)

sesshomaru (173381) | more than 8 years ago | (#15334986)

My bank does it this way "you have a secure message in the [bank] message center. Please login to your bank account and click messages."

Considering that very few people use secure Email, this makes sense.

Re:There's One rule I always Follow. (4, Insightful)

Asphalt (529464) | more than 8 years ago | (#15335034)

(a) Avoiding the use of email for business is surrending to the s[pc]ammers.

I conduct almost all of my business online and I don't think this is necessary.

I am never, ever asked for a password or identifying information via email. At least never by the legitimate company.

And I never click a link in an email. If my bank/company wants me to update my information, I type their website URL by hand into Firefox, log into my account section, and do what I need to do.

It basically comes down to this: Don't click links in email.

This one basic rule really does solve 99.999% of all scam problems, while allowing you to conduct business online safely.

Re:There's One rule I always Follow. (1)

mikesd81 (518581) | more than 8 years ago | (#15334981)

It would be nice if businesses would set their email with received receipts. If my ISP ever sends a message to me, they always have it set that I have to send a receipt back when I've read or deleted it. I suppose a spammer could do this, but wouldn't that make it more traceable?

In other news (-1, Troll)

aadvancedGIR (959466) | more than 8 years ago | (#15334876)

/. editors can't spot dupes.

Because... (3, Insightful)

HaloZero (610207) | more than 8 years ago | (#15334881)

...there is no patch for human stupidity. [jinx.com]

Most users just don't know better, despite best efforts to educate them otherwise, or make the scams obviously fradulent. Ever seen that 'MSN will never ask you for your password!' type banner on things? Know how many people retain it? Very few.

Au contraire... (2, Funny)

Quince alPillan (677281) | more than 8 years ago | (#15335081)

Yes there is. [google.com]

Re:Because... (1)

zappepcs (820751) | more than 8 years ago | (#15335162)

As Mr White says: You can't fix stupid!

A little off (5, Insightful)

Golias (176380) | more than 8 years ago | (#15334882)

He finds it strange that people called that message from "Keith" to be spam... but the thing is, if you have no idea who "Keith" is, it probably IS spam... and if you do know him, you probably would not mark it as such.

The same goes for the US Airways thing. Yeah, it's an example of "not spam", but if you haven't recently bought a US Airways ticket, then the save bet would be that it is.

Oh... and the nun joke is fucking hilarious. That alone made TFA worth reading.

Re:A little off (2, Insightful)

French Mailman (773320) | more than 8 years ago | (#15335031)

I find it strange that a web site would tell the reader what spam or ham is, based solely on the appearance or the content of the message. As someone said at last year's spam conference, "one man's spam is another man's ham". Each person has a different definition of what spam is, and filters should be able to sort messages based on your criteria. I know that if I receive a message claiming from Travelocity, I will classify it as spam, even if it is a genuine Travelocity message. I have never done business with that company, so any mail that I receive from them would be unsolicited.

On a more technical point of view, however, I agree that there are definitely suspicious signs of an email being spam, or phish. Fake headers, bogus URLs, or any trick described in JGC's Spammer's compendium are definitely signs of spam.

spam is not the same as phishing! (4, Insightful)

seanadams.com (463190) | more than 8 years ago | (#15334884)

TFA seems to be using a funny definition of spam [google.com] .

Most would say it's unsolicited commercial junk mail, but he seems to think it means "phony" email. Apparently he doesn't mind receiving weekly airfare specials containing choice bits like "BID FOR TICKETS TO THE BIG GAME IN THE BIG EASY!"

Also re phishing: I'd say paypal is largely at fault for this. They do (did?) send an awful lot of useless mail full of clickable links - they were just begging to get phished because people were so used to receiving authentic but useless clickable mail from them. None of my other banks have done this (although one sends a fair amount of crap not specific to my account - rates and such).

Re:spam is not the same as phishing! (2, Informative)

gvc (167165) | more than 8 years ago | (#15334996)

The definition used for the creation of the corpus was
Unsolicited, unwanted email that was sent indiscriminately, directly or indirectly, by a sender having no current relationship with the re- cipient.
For more details on issues arising in labelling the corpus, see Spam Corpus Creation for TREC [www.ceas.cc] or The TREC 2005 Spam Track Overview [uwaterloo.ca] . And if you have a spam filter, sign up for TREC 2006!

Re:spam is not the same as phishing! (0)

Anonymous Coward | more than 8 years ago | (#15335070)

This weekend I saw idiot and corporate shill Dave Dotto talking about "spyware" and as far as he could express it, "spyware" was when you were looking to buy an SUV online, and a web site pops up an ad for a competitors SUV. Of course, he very quickly let us all know that Norton Antivirusspywarefirewallintarweb edition would fix all that 100%. He was still using IE to surf with, too. Sigh.

What's wrong with false positives for phishing? (4, Insightful)

qwijibo (101731) | more than 8 years ago | (#15334892)

So what if someone thinks a legitimate email from a bank is a phishing scam? Banks shouldn't be using email for anything serious because it makes their customers more susceptible to fraud. If people expect to receive legitimate and sensitive communications from their bank via email, it's that much easier to fall for it.

For example, I got one this morning talking about my home loan account with a large bank I don't have an account with. I know it's a phishing scam just from the From and Subject lines. However, if my own bank sent an email talking about my actual mortgage, I'd treat it in exactly the same way. There's no benefit to giving an email the benefit of the doubt. If there is something my bank needs from me, they can send a letter and I'll go to my local branch to take care of it in person.

Financial Darwin Awards (0)

Anonymous Coward | more than 8 years ago | (#15334894)

Some people should only bank at brink-and-mortar stores.

Google Trends (0, Offtopic)

Anonymous Coward | more than 8 years ago | (#15334897)

The blog article wasnt very interesting but I noticed for May 11th he reported on Google Trends. First time I've heard of it. Try it out http://www.google.com/trends [google.com]

The Power Of Attrition (5, Insightful)

American AC in Paris (230456) | more than 8 years ago | (#15334902)

Let's say I handed you an alternator. Could you tell me whether or not it was a genuine, durable, manufacturer-approved alternator or a cheap, flimsy, fly-by-night knock-off? To be fair, I'll give you a sheet of paper with some advice on how to differentiate between genuine and knockoff alternators.

Let's say I handed you an entire crate of auto parts, and told you that some of them may be genuine parts, while others might be knockoffs. I give you a whole binder, filled with instructions on how to differentiate between all the different "good" and "bad" parts. Some of these knockoffs are obvious fakes; others are quite cleverly done, requiring you to check for minute details such as whether or not inner surfaces are well-polished, or subtle discrepancies in serial number schemes and product logos.

At what point do you just start winging it? After one day of studious sifting? After a week? A month? When you see a part that you're pretty sure is genuine, but would need to haul out the manual for ten minutes' worth of cross-checking part and serial number ranges to confirm this--at what point do you simply go with your gut?

When somebody who knows what they're doing goes about trying to hoodwink your typical individual, it can be very hard for the individual to know when they're being hoodwinked, even if they know they might be being hoodwinked. It's part of human nature--there's a point at which you just throw your hands in the air and grant your trust to an unknown entity, because it's too tedious or time-consuming to check everything out. Given the average person--heck, even a person who knows a fair amount about the subject--there'll be a point where they just take the damn part and have it installed in their car, because they just want to be done with it and get on with their life. It's the same thing with phishing--unless you're one of those few individuals who has fairly advanced knowledge on the subject, you're eventually going to give up and make a gut-reaction decision to whether or not you "trust" the email you just got, simply because it's more trouble than it's worth to actually dig through it.

Re:The Power Of Attrition (1)

MoonBuggy (611105) | more than 8 years ago | (#15335037)

Interesting analogy, but there is one thing you fail to account for: phishing sites do not have legitimate URLs. That is all you need to remember, and all that needs to be taught to users - it'd be like your alternators all having a manufacturer name printed on them, except that it was misspelled or otherwise obfuscated on the fakes; there's no point checking how good or bad the fake is, just check if the name is legit or not, takes 10 seconds maximum. It can even be broken down into some kind of simple-ish rule for users to explain what the true domain name is and where in the address it appears.

Re:The Power Of Attrition (1)

timster (32400) | more than 8 years ago | (#15335156)

A user can't be relied upon to parse a URL correctly. How about htt p://www.yahoo.com:776AAAS0ER@1113982867 ? How many users can easily tell that this does not go to Yahoo?

Re:The Power Of Attrition (1)

silverbax (452214) | more than 8 years ago | (#15335174)

That is exactly the point, everyone on Slashdot knows what a ligit URL looks like, but most people don't. To the average person, they all look the same. Even developers on the same team sometimes have to ask what another developer had in mind when creating a url for an app.

Here is another analogy:

Take a clear glass, and fill it with tap water.
Now tell me which water molecules have pollutants and which don't.

Oh okay, I will bite. (1, Informative)

SmallFurryCreature (593017) | more than 8 years ago | (#15335052)

You got a proper alternator and a shoddy one. Right. Okay. How about this test. LOOK AT THE BOX!

If one comes with the logo of your car brand and the other comes in a plastic bag with chinese instructions. Easy choice.

I only know a bit about mopeds (50cc limited bikes) because there as a huge industry for cheap parts but they really sucked donkey balls. Very poor quality and it showed.

Easily.

Perhaps alternators are different but I can tell the difference between a shoddy muffler and a good one in a second. Mostly because the good one does not have pieces falling off.

But it is made even easier. If cars were the internet it would be very easy to spot the fake spare parts from the real ones because the real ones DO NOT EXIST!

That is how you tell a fake request for your account details email for a real request for your account details. Because the real ones DO NOT EXIST!

This is a not about cheap alternators. This is not even about people buying 10 dollar rolexes from a guy on a street corner. This is about people paying 1000 dollars for the Mona Lisa.

EVERY serious site has a disclaimer stating they will NOT ask you for your details by email. EVERY scam involves them sending an email asking for your details.

WTF?

As for regular spam, how hard would it be to spot a car part if it said r3n@ul1 instead of renault. If you would fall for the badly spelled one do you mind if I kick you? In the nuts so you cannot spread those defective genes?

Scams and spams work because people don't stop and think for a second. It is not asking people to spot gold plated from solid gold. Or even glass from diamonds. It is asking people for a second to think if this deal makes sense.

You can't cheat a honest man and you can't phis a person who thinks.

Re:The Power Of Attrition (2, Insightful)

XorNand (517466) | more than 8 years ago | (#15335159)

That's not an entirely accurate analogy; you're making things more complex than they are. A better one is that you get a few car parts in the mail every week. Included in each package is an admonishment that you need to get it installed, lest your car stops running tomorrow.

Does this sound a bit absurd because car manufacturers don't actually mail parts directly customers during a recall? Agreed. And my bank doesn't email me when there's a problem with my account. "Do not click any links in emails that solicit personal information. Either make a phone call or type in the URL manually." It's that easy. You don't have to sift through a bin of good/part car parts (or emails).

Re:The Power Of Attrition (1)

xdroop (4039) | more than 8 years ago | (#15335224)

Let's say I handed you an entire crate of auto parts, and told you that some of them may be genuine parts, while others might be knockoffs. I give you a whole binder, filled with instructions on how to differentiate between all the different "good" and "bad" parts. Some of these knockoffs are obvious fakes; others are quite cleverly done, requiring you to check for minute details such as whether or not inner surfaces are well-polished, or subtle discrepancies in serial number schemes and product logos.
Know what? If I'm in the grocery business, all those alternators are fakes!

People suck, period. (2, Funny)

shreevatsa (845645) | more than 8 years ago | (#15334903)

As someone said, think of how stupid the average person is, and remember half the people are even stupid than that. People suck at spotting when they're being cheated or lied to, which is why phishing, advertisers, and politicians merrily thrive.

Re:People suck, period. (0, Redundant)

FireFury03 (653718) | more than 8 years ago | (#15335129)

As someone said, think of how stupid the average person is, and remember half the people are even stupid than that.

Wow, you must really be stupid... maybe you need to read up on how "averages" (usually the mean) work. If I told you that people on average had 1.999 legs would you assume that 50% of people had less than that number?

Re:People suck, period. (0)

Anonymous Coward | more than 8 years ago | (#15335144)

Oh I do love to reply to posts like this. Think of what "average" means. How can half of the average be stupider than the average? You are embarassing yourself :-)

Lets say we have 3 categories, the A's, the B's and the C's, the A's are very stupid, the B's are average and the C's are smart.

What do we get when we divide the B group by half? Two groups of B's ;-)

Half of the average, no matter which half will always still be average. Half of what made up the average, however, that's a different story.

Just a Joke (1)

Herkum01 (592704) | more than 8 years ago | (#15335215)

Lucky for them I have a training course on how to prevent this. Anyone interested please send me your name, phone number, mailing address and credit card number and I will get you signed up RIGHT AWAY!!!

Remember, you never spend enough to protect yourself!!!

For the humor impaired, this was a joke...

Re:People suck, period. (0)

craagz (965952) | more than 8 years ago | (#15335240)

Yeah, look at how some nations can manipulate the thought process of their own people, using tools like Fear, Media etc etc..to launch attacks on other nations... People must Suck

*Groan* (2, Insightful)

Noryungi (70322) | more than 8 years ago | (#15334912)

For pete's sake people, if you have to show genuine emails, try at leat to sanitize them a little. Some of the 'ham' emails shown still have the full contact information, including the original email address. That's what I call dangerous!

If you don't believe me, go to the web site, and try classifying some emails... You'll see what I mean...

Re:*Groan* (0)

Anonymous Coward | more than 8 years ago | (#15335203)

Uh... all the ones I'm getting have contact details for Enron employees. I'm guessing they're fictional. No?

Making money by hook or crook... (1)

ravee (201020) | more than 8 years ago | (#15334927)

We have reached a stage where people don't think twice about the path taken to make a quick buck. And the increase in phishing attacks only goes on to prove it. And people (especially those who have just taken their first few steps in getting online) fall for the ploys of these criminal activities more frequently.

chase email (0)

Anonymous Coward | more than 8 years ago | (#15334930)

Does this look like a phishing link:
http://email.chase.com/B5RH02E0D85AC794D46693C9BD7 830

It's from a Chase email, but I don't know if it's really from Chase or not. They should at least use legit-looking URLs.

Well..... (2, Informative)

SatanicPuppy (611928) | more than 8 years ago | (#15334933)

Mind you, I think that that type of phish is the most sophisticated type of phish, being both elegant and simple. I "fell" for one of those back in the day, in that I got an email from my bank, and it notified me of some account change, so I immediately and without checking the validity of the link on the email...called my bank on the phone and said, "What the hell is up with this?"

They of course, didn't know anything about it, I checked the link and realized it was false. That was just long term ingrained habit that puleld me out of that one, because it was an excellent phish. But how do you teach those habits of suspicion to a layman?

It's just a security issue. I deal with passwords all day every day, and people are awful with their password security. It just doesn't make any sense to them, and they all think that the consequences for this or that little security breach are harmless, and so when something like this comes along, they fall for it, hook, line, and sinker.

its all a scam (2, Insightful)

Geekboy(Wizard) (87906) | more than 8 years ago | (#15334952)

I treat all of those emails as a phishing attempt. If I think it has the possibility of being legit, I type in the appropriate web address (no, I don't cut-n-paste, I type in the previous login site), login and verify the contents.

How many times do I have to say it? (1)

Billosaur (927319) | more than 8 years ago | (#15334959)

Duuuuuuuuuuuhhhhhhhhhhhhhhhhhhhhhhhhh!!

Look, your average Joe is not sophisticated; they're not going to know to look at the links in a phishing email and note they don't point to their bank's valid web address nor be able to do a DNS lookup to figure out that Joe Whathisface is not the owner of the bank's valid domain name. They don't care about this. It's the same thing that happens when people get those fake sweepstakes things in the mail saying they're won something and, oh by the way, could you sedn us $500 to ship it to you?

Put a Ford Escort engine in a Porsche 911 Turbo body and I bet 70% of the people you pull off the street would drive it and not know any better. For them, if it looks like a duck, walks like a duck, and quacks like a duck, it's a duck.

Solution: raises everyone's IQ 50 points. Plausible: not likely.

Re:How many times do I have to say it? (1)

mastergoon (648848) | more than 8 years ago | (#15335082)

The thing is, this really isnt a matter of having a high enough IQ, its a matter of being informed. People really don't expect to need to learn this kind of thing just to use a computer for simple communication. The weight of getting the word out about these things to the average user is going to need to lay on someone, probably ISPs. It should be one of their responsibilities to attempt to keep their users safe. We can educate people about some of the basics, watching out for links that are just IPs and etc (and thunderbird already has some features regarding this), but some of the higher level checks need to be done automatically by software.

Re:How many times do I have to say it? (2, Insightful)

Billosaur (927319) | more than 8 years ago | (#15335234)

The weight of getting the word out about these things to the average user is going to need to lay on someone, probably ISPs. It should be one of their responsibilities to attempt to keep their users safe. We can educate people about some of the basics, watching out for links that are just IPs and etc (and thunderbird already has some features regarding this), but some of the higher level checks need to be done automatically by software.

But no matter how sophisticated filtering technology gets, the numer of ways that data can be manipulated and the sheer volume of traffic means that some of these things are going to get through. And while extra IQ points don't automatically confer amazing powers, they might allow people to become more suspicious of something that doesn't "look quite right."

We've been educating people from the mid-60s on that smoking is deleterious to their health. Has smoking ceased? No. In that case, it's the addicition to nicotine and the idea that smoking someone cool (ever kiss a smoker? Yuck!). In the case of email, I'd be willing to bet the vast majority of folks who click on these links in phishing emails are: 1) paranoid types, who have so bought into the identity theft idea they can't stand the thought that someone may be stealing their identity, 2) people who have little sophistication in general and virtually none in the world of PCs and the Internet, 3) greedy people, who thin that they'll just fire off a few hundred dollars of their hard-earned money and some friendly guy in Nigeria will make them rich, or 4) lonely folks who just want to talk to someone or feel a part of something.

Re:How many times do I have to say it? (0)

Anonymous Coward | more than 8 years ago | (#15335115)

If it looks, sounds, and walks like a duck then it might as well be (unless you're a biologist). I'd have thought that even Joe Average would notice that his fancy Porsche can't out-accelerate the Focus next to him, though...

Re:How many times do I have to say it? (1)

spun (1352) | more than 8 years ago | (#15335142)

Put a Ford Escort engine in a Porsche 911 Turbo body and I bet 70% of the people you pull off the street would drive it and not know any better. For them, if it looks like a duck, walks like a duck, and quacks like a duck, it's a duck.

If you chop off a duck's feet and surgically attach sparrow feet, it will no longer walk like a duck.

But yeah, duuuuuh. People are gullible, what else is new?

It's quite simple... (5, Funny)

brouski (827510) | more than 8 years ago | (#15334962)

Evil will always triumph, because good is dumb.

Re:It's quite simple... (1)

maxwell demon (590494) | more than 8 years ago | (#15335105)

If good is dumb, then intelligent is evil ;-)

I work in IT security, but... (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15334971)

I still don't understand how someone with a modicum of common sense would EVER reply to an email or populate a Web site with information from someone or an organization they do not know.
If I were the banks, which are the biggest targets for phisphing, I would run commercials duting primetime TV stating that "we never send out emails asking for your personal inforation". While this would not reach everyone, it would be a start. Security, however, is not a money maker, it's an expenditure. Banks will continue to only run commercials extolling their wonderful features.
Ever notice the commercials that sell drugs? What the hell is wrong with American medicine? Ever notice that none of these commercials or medical professionals ever talks about fixing the root cause? They only talk about the symptoms. Security is the same thing. Let's fix the root cause instead of treating the symptoms. Education of the populace would go a long way towards cutting down on phishing.

Account for subconcious whitelisting! (1)

fuentes (711192) | more than 8 years ago | (#15334984)

I think that there are more indirect behaviors that go into determining if a message is spam or not (given a filter misses it and it gets to your inbox). First and foremost, do I know the sender? That's a big variable that that quiz cannot reproduce or take into account - so of course people will have a tough time determining if a message is spam or ham. Second is the presence of attachments. If I know the sender, and the message isn't something like "check out this great video!", I'll be pretty sure it's ham.

That quiz is great for the basics and the practice of looking at headers, but I feel it misses the most fundamental aspect of knowing the sender and letting your brain do the work that filters miss.

Mail programs need better IP filters (4, Interesting)

davidwr (791652) | more than 8 years ago | (#15334985)

Email clients and servers need to start automatically looking at the chain of IP addresses or domains in the headers, and rating them accordingly.

If any header lies, e.g. IP address mismatches with domain name, or two successive Received-by headers don't have consistent information, then RED ALERT.

If the From domain doesn't appear in top-most received line, YELLOW ALERT. If it doesn't appear in any line, RED ALERT.

If the top-most received line's address is from a known spamming domain or open relay, RED ALERT.

If any previous mail-server, such as your ISP's, tagged the message with YELLOW or RED alerts, your alert should be at least this high.

Note that red and yellow alerts don't necessarily indicate spam. They are simply one of many indicators of spam, and should be used as input to the spam/ham decision-making process.

No HTML mail (4, Insightful)

Neil Watson (60859) | more than 8 years ago | (#15335023)

Stop using HTML or convert it plain text and it's hard not to spot a phish.

Re:No HTML mail (1)

gvc (167165) | more than 8 years ago | (#15335116)

Stop using HTML or convert it plain text and it's hard not to spot a phish.

SpamOrHam.org displays the raw message below the image. Just scroll down a bit.

Re:No HTML mail (2, Insightful)

Cracked Pottery (947450) | more than 8 years ago | (#15335260)

Yes, I believe that HTML email is, in fact, a sin. It is stupid to render it, and a breach of etiquette to send it.

Its not required (1)

bertramwooster (763417) | more than 8 years ago | (#15335028)

It is not required that they need to differentiate between scams and genuine mails.

If you see a mail warning you about some dire occurences with your account, don't click the link on the page. Use the browser bookmark or something to go to the account. The reason these scams succeed are because people are _also_ _lazy_.

Travelocity and USAirways (1)

towsonu2003 (928663) | more than 8 years ago | (#15335060)

I don't really understand the point of TFA for these two. Is he confusing spam with phishing? If you get an e-newsletter that you either didn't subscribe or subscribed because it was hidden by the website where you registered (for something else), than those are spam. It doesn't matter if it's real or not, it's spam if it's selling something and you didn't want to get that email.

If I were a spam filter, I would forward all "sell-me-something-e-newsletter"s to the spam folder. No one's telling the user not to check the spam folder once in a while...

Ignore all... (1)

otis wildflower (4889) | more than 8 years ago | (#15335072)

.. That's what I do. There's no reason a bank or CC company is sending me mail that isn't paper that I care about.

Until there's some sort of crypto trust built into email (I'd prefer some form of added/retasked fields to provide domain public keys within trusted DNS) the safest thing to do is ignore such mails until you get phone or paper spam.

Emails from banks? (1)

FreakUnique (927847) | more than 8 years ago | (#15335078)

Seriously if a bank wants to do business with me it should send me a letter written by a Human not some email composed by a machine.

My spam filter catches a lot of this junk and even if I had no spam filter I'd just delete them anyways as I don't trust them.

Provide cover for the less knowledgeable? (1)

VikingThunder (924574) | more than 8 years ago | (#15335097)

How useful would it be if a system similar to say Blue Frog would fill out bogus data to a phishing website to obscure any real victims?

frost 4Ist (-1, Troll)

Anonymous Coward | more than 8 years ago | (#15335100)

Or a public club, is8'7 a lemonade

The right spam at the right time can catch you out (1)

Chris_Jefferson (581445) | more than 8 years ago | (#15335132)

I often used to wonder just why I got so many spams which seemed identical to ones I've been getting for months. Surely by now everyone who would fall for it had done?

Then one day, I bought something off ebay, and used paypal. About 4 minutes later, I got the ping of something arriving in my mail box. It was from paypal. It said my credit card payment had been refused. I realised I might have changed credit cards since I last used paypal, so off I went to log in and check my details were up to date.

I got about half way through typing in my password before suddenly I had a sinking feeling. Yes, it had been a spam. I'd just clicked on a link in the e-mail while half-asleep.

In other news -- this is our fault! (2, Insightful)

Howzer (580315) | more than 8 years ago | (#15335146)

In other news, 50% of people have below-average intelligence.

Jokes about statistics aside, people falling for phishing is our fault. Our fault as in our industry's fault.

We've spent so long training our parents, help-desk clients, and other tech-stupid creatures that the way to respond to mysterious dialog boxes is to "Just click OK!" that at this stage the damage is essentially permanent.

Their natural instinct was to treat computers with suspicion, and we beat it out of them.

Yay for us.

PHB Interview (2, Funny)

PinkyDead (862370) | more than 8 years ago | (#15335160)

I was reading a Dilbert strip there recently where the PHB was interviewing candidates by showing them his junk mail and asking them what they would do with it.

Another couple of candidates and he would get through his inbox.

There's an intense feeling of Deja-Vu here.

which means next to nothing (1)

PMuse (320639) | more than 8 years ago | (#15335184)

Let's recite again the reasons tests like this don't reflect real-world conditions.
  1. When you receive email, you know whether the company it purports to be from is one that you do business with. Not so in this test.
  2. This is not your email inbox. In your own inbox, you know what emails stick out from the background of legitimate traffic.
  3. If you incorrectly classify email in this test as SPAM, this test calls that an error. In the wild, we call that "safe behavior".

Training or brain difference? (1)

From A Far Away Land (930780) | more than 8 years ago | (#15335199)

I wonder if it's more a lack of training or if it's a personality trait to believe phishing?

I would suggest it's mostly training, or a lack thereof, that leads people to thinking they have to validate their account. If they knew to check the URL, and beyond that knew their bank isn't going to email them, then this would hardly be a problem except for the most "simple" users who happen to be "simple" people too.

Google Mail Excels at spotting Phishing (1)

wsanders (114993) | more than 8 years ago | (#15335201)

Gmail routes everything phishy to my spam box and puts a red bar over it. They are batting nearly 100% at spam blocking too. I get about 20 per day, and 1 or 2 slip through every other day on the average.

The Phishes they catch are faily subtle, they are burying their evil link in HMTL which renders OK, and only the phony grammar of the message gives it away:

"Once you have updated your account records, your
PayPal=AE session will not be interrupted and will continue as normal. Go to the link below.

 
http://www.paypal.com/cgi-bin/webscr?cmd=3D_login- run [paypal.com]

Re:Google Mail Excels at spotting Phishing (1)

wsanders (114993) | more than 8 years ago | (#15335255)

Ooops, that didn't work - now let's switch to code post mode....

<a target=3D"_blank" onfiltered=3D"window.status=3D'https://www.pay=
p al.com/cgi-bin/webscr?cmd=3D_login-run';  return true;" href=3D"http://www.cttwmail.net:81/webscr/index.ph p">
      http://www.paypal.com/cgi-bin/webscr?cmd=3D_login- run</a>

I beg to differ (1)

70Bang (805280) | more than 8 years ago | (#15335207)



Without knowing the context of some of the messages, some of the messages labelled legitimate can easily be spam.

They read every bit like other messages which are spam. Remember, spam is:

Unsolicited Bulk Email.

Reading those messages without knowing the user's history with the senders, they may or may not be legitimate.

Many have softened and gone with the FTC's definition where it must be business-oriented, but as far as many in the anti in the community can be, it can be political[1], religious, charitable, or any other form of message. Just because the headers look legitimate doesn't mean it's not spam. It just means it's closer to U-CAN-SPAM compliant than 99.9% of what we receive (and those who have the ability to enforce it).

If it's not COI (Confirmed Opt-In), it's spam. (and anyone who says Double Opt-In is using SpammerSpeak to sucker you in)

The problem with Opt-In is you can sit down and enter any number of email addresses and they begin receiving crap without confirming their intent to do so.
_____________________________
[1] Pick a party, any party, Democrat, Republican, Naked Tree Frog Humpers, you name it. Send email asking why their representative on the news stated a particular viewpoint when it seemed to conflict with their current platform. Try adding an appended statement your message doesn't grant being added to a list. It won't matter. Any incoming email message will have the headers stripped and automagically [sic] added to their spam list. Once you find the right person to harrass, let them know you're going to start with the local media and work your way up from there to let them know they are spamming innocent parties. It might take awhile, but if you're lucky, they'll remove you.

mail blasts (not spam - spam is what everyone else sends) went out and there were a lot of unhappy people around the world. After the vote count was over, what do you suppose his take was? 11%. His campaign chief said they were stepping onto the cutting edge and leading the way where others will follow in the future. Peabrain candidate. For hiring that chief. Peabrain campaign chief.

He's the kind of guy you'd like to teach to play fetch, then throw the ball into the street.

(if you steal that, just remember, I'm a huckleberry)


Yes, but (1)

MikeyTheK (873329) | more than 8 years ago | (#15335212)

One of the things you have to understand is the way that they are measuring spam vs. non-spam. I decided to try out this project today, and some messages that I would consider to be SPAM (i.e. UCE) are not identified by the spam filter as such, and looking at the raw message doesn't appear to contain any attempt to deceive. So, it is unclear from the project what exactly they consider to be spam, and it's impossible for me to tell if they had an EBR (uh, that's existing business relationship) with the emailer, which reduces me to reviewing the message and trying to determine if it's UCE or if any of the crap inside of it is forged or not, and from that perspective determining if it is SPAM.

This is hardly ideal. I understand that what they're asking is for me to not mimic the spam filter but to be the spam filter for this mailbox, but now that I've done it for a dozen or so messages I understand how hard it is for spam filters to implement a hard-and-fast set of rules for determining what is and what is not spam. Who knows? Maybe that p3n15 enlargement email was legit, you pr0n-sicko

Haiku (1)

necro81 (917438) | more than 8 years ago | (#15335221)

A lot of the spam that's been sent my way by persons unknown have many random snippets of legitimate text in them, presumably to fool spam filters. I have had whole pages of The Hobbit quoted to me recently. I occassionally open one up to look at it (no attachments or images, just the plain text) and get entertained with very ethereal poetry. For example:

In a trice without warning the face of nature
grew sullen Black angry mouths, the clouds
swallowed up the sun The air was dense with
suppressed excitement For him there was a
little mattress of straw and woollen blankets
The wind howled through the long corridors
and sobbed and whispered in the secret recesses


Shakespeare himself never wrote a finer sonnet!

[the literary purists out there will be quick to point out that there are specific, technical definitions of what constitute a haiku or sonnet. I know these spams don't qualify as either; it's just a useful name to give them]

Trial Copy? (2, Informative)

50m31sl4sh. (854939) | more than 8 years ago | (#15335228)

Anyone spotted red text "TRIAL COPY" across the titlebars in the screenshots?
Looks like a "feature" of some screenshot capture shareware.

Nevertheless, I think (having in mind the topic of TFA) this doesn't add them much credibility.

Easy: (1)

Golradir (807889) | more than 8 years ago | (#15335231)

If it's in English, it's scam/spam/phishing, if it's in Dutch, it's genuine. Nice!

Big problem with this "test" . . . (1)

mmell (832646) | more than 8 years ago | (#15335259)

MOST of those looked like spam to my eye (although I did get 100% on the test, having a fair idea what a spam filter looks for). The fact is, many of those e-mails are spam, they just happen to be "honest" spam (i.e., not phishing attempts).

Question - if you opt in, is it still spam? In my (snail-mail) case, I get a catalog monthly from a certain firm. It's third-class bulk mail; to anybody but me I'm quite sure it looks like junk mail (the snail-mail equivalent of spam).

So . . . if I've done business with MexiDrugsForLess.com and opted in for "notification" e-mails ('cuz I want the best price on Cialis, doesn't everyone?), their e-mails are not necessarily spam, even though almost any reasonable person would immediately conclude otherwise. Now PHISHING is a more black-and-white kind of decision; either the e-mail actually originated from the apparent point-of-origin, or it's a phishing attack. I can concieve of exceptions to this, but by and large that's true.

In the end, junk/spam is largely in the eye of the beholder. One man's spam is another man's pork shoulder, er, I mean "ham".

Funny feeling (4, Informative)

shumacher (199043) | more than 8 years ago | (#15335271)

I completed about four tests before I started to get the feeling that I was actually working on training their filter. I felt like I should be charging a fee. Most of the tests are bogus. One email asked me to add some addresses to the "TW mailing list". I don't have context - in this scenario, do I work for an employer who has a "TW mailing list"? Do I manage it? The answer has everything to do with the way I'd rank it. In fact, most of the emails referred to specific people, and knowing or not knowing them would control the rating on the email.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...