Poor little phishies

Along with mail from those people who think recipients will not find it odd that they're being e-mailed by someone called "Sealant L. Circulating" (I suppose there are some people who'll fall for anything), and the joyous news that I've won the "MICROSOFT WORD LOTTERY, UK", I get, you'll be astounded to learn, a lot of phishes.

One eBay phisher kept spamming me over and over and over again about my alleged failure to send him a "K - SWISS Verstad, BRAND NEW, UK Size 9.5, Color NAVY"; I've also received numerous identical phishes from someone claiming that I've bought "1915 Amatuer SG Photo BATON ROUGE LA. Capitol Bldg", and from someone else who keeps pretending to be an eBay user called "nascar*stuff*".

Perhaps repeating the spams in these situations actually helps, since if someone really did have a financial dispute with you then you could expect them to keep complaining. But sending the exact same spams to many recipients is, like sending variations of the one spam to a single recipient, a less clever move.

Anyway, back in the mists of time, I used to submit the spam I received to SpamCop. I've long since stopped doing that, since even direct e-mail submission took too much time (though it did provide occasional amusement - somewhat NSFW, I should think...). I used the Blue Frog auto-submitter in MailWasher until the bad guys won; now I just delete what spam makes it through the ISP filters.

I have, however, been submitting phish to an online reporting service for a while now. I've been using CastleCops' Fried Phish/PIRT for long enough that most of their four digit captchas are already in the drop-down autocomplete menu (boy, that's helpful!), and just the other day discovered the brand new PhishTank, as well.

PhishTank is meant to allow easy community-based evaluation of the phishiness of URLs, as opposed to CastleCops' cabal of "Handlers"; deem usual Britannica-vs-Wikipedia argument to have been included here.

I agree with the Schneier on Security commenters who say that competition isn't a good thing in this situation, but fortunately PhishTank openly thank CastleCops for their free bad-URI list (I wonder if they'll work with URIBL too?).

So I presume that, in due course, the CastleCops and PhishTank databases will be more or less as one, and we can all get down to the important business of helping out those nice people at "The Paypal Department".

Leave a Reply