Phishing Phor Phishers
August 31, 2006 on 4:56 pm | In Foobars, Funnyish, Insider View, Musings, Rants by Josh Jones |
A funny thing happened to me on Tuesday.
Well, really it happened to my wife. But I hear being married is all about sharing.
We had just finished dinner when she casually mentioned we were getting a tax refund.
“Oh?” I responded…
“Yeah, I got an email”
“OH???????”…
I immediately had a sinking feeling.. had she been PHISHED?

I asked if she’d given her credit card number out?
“Yes.”
Social Security Number?
Yes.
MY Social Security Number?
NO! Sheesh, what do you take me for?!
Which credit card?
Our Visa check card.
Oi! That’s a bad one! I’m not sure the kind of fraud protection we have on it, and it’s tied to our bank account directly!
Before even inspecting the email, I called in and had them cancel the card. Hooray, no charges had gone through yet!
Honey, didn’t I warn you before about PHISHING scams?
Well, yes.. but I forwarded it to you on Monday and you never wrote back! So I just did it.
I never saw that email! (Sure enough.. it was caught in my spam filters. Makes sense!)
Couldn’t you have called me on the phone or even asked me in person on Monday night or Tuesday morning?!
I forgot about it until I checked my email again!
Anyway.. let me see the email you got.
And here it was..
Date: Mon, 28 Aug 2006 11:58:14 -0500
To: joshswife@yahoo.com
Subject: Tax Information - joshswife@yahoo.com - (Code 7863-3843)
From: “IRS.gov”
Account : joshswife@yahoo.com Number : 7863
After the last annual calculations of your fiscal activity we have determined that you are eligible
to receive a tax refund of $191,40. Please submit the tax refund request and allow us 5-7 days in orders to process it.A refund can be delayed for a variety of reasons. For example submitting invalid records of applying after the deadline.
To access the form for your tax refund, please click here.
Regards,
Internal Revenue Service
Here are the immediate red flags that go off in my head when I get emails like this:
Right off the bat, any email I get from an address I’ve never received one from before has a 99% chance in my mind of being a spam, scam, or some kind of an annoyance.
I never get tax refunds! Ever ever ever. It’s not fair.
The IRS and state taxing authorities don’t send notices via email.
The IRS and state taxing authorities don’t have my email address.
They DO have my name and SSN, and would probably put those in an email, IF they had my email address and IF they sent emails.
There’s a typo in the email.. it says “of” where it should have said “or”.
They used a comma instead of a period for the decimal point in the dollar amount! That may fly in Europe, but god bless the IRS, this is America!
The link takes you to thistlejack.com!
But, believe it or not, my wife is not stupid. In fact, she has a PhD from Harvard!

For real.
Too bad she doesn’t run a web hosting company!
There’s no better training against phishing scams than having dozens of fraudsters a day attempting to send them from your servers!
But for the rest of you LOWLY Internet users, phishing scams work. And I think I know why:
They send a lot of phishing emails.
Just by sending a lot of messages, they’re going to catch a tiny percent of people who were specifically waiting for that email!
Even the almighty Josh nearly fell for an Ebay phishing scam once when I got the phish the very moment I had just won an auction.
And of course, a tiny percent of people are going to go for it even when they weren’t expecting an IRS refund, a paypal payment, or an ebay auction.
They prey on people’s greed or fears.
To my wife’s credit, (she claims) there were a LOT of red flags and alarms going off in her head while she filled out that form. But the lure of the $191,40 was just too strong!
And we’re rich!
People are getting really comfortable with “e-commerce”.
My wife doesn’t really care too much about giving out her credit card info online. Really, why should she? You’re not generally liable, and we should have the replacement card in the mail tomorrow. I do wish she was a little less comfortable with giving out her SSN though…
The thing is, how often in the real world do you come across an individual or business who is really trying to scam the crap out of you? Hopefully not too often in this country at least. It just doesn’t really happen. But on the Internet, it really does happen. Millions of times per day.
Fortunately, a lot of people are still deathly afraid of this “Internets”, and won’t give out anything to anybody! Or maybe that’s not fortunate.. because really, you’re not generally liable.
People are technically naive.
Honestly, it’s pretty easy to look at a URL and know if it’s legit.
Or is it?
I was trying to explain to my sister-in-law how to know. Basically the best I could do was “If the VERY first part of the URL is the correct domain name, and only the domain name, and doesn’t have a dash or something before it, but it’s okay if it has a dot before it, as long as it doesn’t have a slash before the dot, then it’s the right site!”
In fact, my wife was even like:
Well, I knew thistlejack.com wasn’t irs.gov, but you know how sometimes websites link off to some other server for their payment processing? And when I clicked all the links on the site, they were legit.
Because the links WERE to irs.gov!
Even the fact the page wasn’t secure didn’t faze her!
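As an added example (not part of the original post), here is the "which part of the URL counts" rule from above as a Python check. The function name `inspect_link` and the sample links are constructed for illustration; only the host names irs.gov and thistlejack.com come from the post.

```python
from urllib.parse import urlsplit


def inspect_link(url, expected_domain):
    """Check whether url really points at expected_domain.

    Returns (on_expected_site, reasons); reasons lists every warning sign found.
    """
    expected = expected_domain.lower().rstrip(".")
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return False, ["URL cannot be parsed"]
    if parts.scheme not in ("http", "https"):
        return False, ["not an http(s) link"]
    if not host:
        return False, ["no host name in URL"]

    # Only the host decides which server you talk to. It must be the expected
    # domain itself, or end in "." + that domain (a dot before it is okay,
    # a dash or any other character is not).
    on_site = host == expected or host.endswith("." + expected)

    reasons = []
    if not on_site:
        reasons.append(f"host is {host}, not {expected}")
        if expected in host:
            reasons.append("expected name is buried inside a different host name")
        if expected in (parts.path + "?" + parts.query).lower():
            reasons.append("expected name appears only after the first slash")
    if "@" in parts.netloc:
        reasons.append("text before '@' is a user name, not the site")
    if parts.scheme != "https":
        reasons.append("page is not served over HTTPS")
    return on_site, reasons


# Constructed sample links (paths are made up for this example).
SAMPLES = [
    "https://www.irs.gov/refunds",
    "http://thistlejack.com/gallery/irs.gov/refund.html",
    "https://www.irs.gov@thistlejack.com/",
    "https://www.irs.gov.thistlejack.com/",
    "https://notirs.gov/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, why = inspect_link(link, "irs.gov")
        print("OK  " if ok else "FAKE", link, "|", "; ".join(why))
```

A check like this only covers the link itself. A page can link to the real site everywhere and still send its form somewhere else, which is what happened here.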
What was I to do?
I already canceled the credit card. But I wanted more! I wanted to shut this guy down, and I wanted to make sure nothing happened to my wife’s SSN.
First, I did a whois lookup on thistlejack.com and called the owner, Mr. Robert Stirling.
I knew he wasn’t the phisher. Nobody in the US phishes, and nobody uses real contact info when registering a domain for phishing! It looked like from the URL that the phisher had exploited a hole in a photo gallery script he had installed. (Which is why we have mod security for our happy hosters!)
Fortunately, he answered the phone.. I explained the situation and he was very, very, cooperative and helpful!
He logged in to his domain, took the phishing site down (it’s down now), and then at my request emailed me the source code for their web form. I wanted to see what was happening to the data.
Just as I might have guessed, it was being emailed off to two separate anonymous yahoo.com email addresses.
I immediately emailed abuse and postmaster@yahoo.com, got a tracking number back and started waiting. And waiting. (I’m still waiting…)
I couldn’t wait anymore!
I had to do something (besides call the credit reporting agencies and tell them what happened)!
And then it hit me!
Maybe I could fill this jerk’s mailboxes with enough BOGUS DATA that he’ll just give up on it all and not realize that my wife’s info was for reals!
Of course, it wouldn’t be too hard for him to realize all submissions after a certain time were fake.. but hey what did I have to lose?
I took the source code from that script and made up my own that sent an identical email to those two addresses, but with randomly generated info!

It was fun!
I set it up with a cron job to run every 20 minutes (but I put a random sleep of 1-20 minutes at the front so they didn’t come in too regularly).. it’s still going right now.
I’m going to keep it going until I hear back from Yahoo!.. and just FYI, here’s the output they were receiving from their phish:
Date: Thu, 31 Aug 2006 16:58:15 -0700 (PDT)
From: thistlej@server4.whmsecure.com
To: phisher@yahoo.com
Subject: IRS - Full
[ . . . : : : IRS FOUNDS : : : . . . ]
Social Security Number: 356 - 00 - 0258
Name On Card: Robert Rieger
Card Number: 6105341453830068
Expidation Date: 12 / 2007
CVV: 123
PIN: 5702
[ . . . : : : IRS FOUNDS : : : . . . ]
(Don’t worry, that’s a fake one I generated!)
In closing…
Phishing scams are pretty darn effective. They’re tricky, and they’re lucrative!

Anyway, my wife’s pretty embarrassed about the whole thing and made me promise not to tell anyone.
152 Comments
So, um, I guess she’s gonna kill you now huh?
Comment by viperteq — August 31, 2006 #
And you’re spamming!!! Strange thing to read from you…. But fear in this case, I think.
( :
Comment by Doufer — August 31, 2006 #
I won’t tell her, I promise!
Comment by compulov — August 31, 2006 #
Oh! - This explains the Comcast fiasco!!
Comment by Dufus — August 31, 2006 #
Josh, why you not like the way European use of grammar?
Comment by Andy — August 31, 2006 #
My wife used to use my computer, but I ended up buying her one of her own after weekly virus infections, trojans and being emailed from having email sent from me/her by every “SMS buddy circle” BS scam on the planet.
Now her pc is isolated from the home network, and she’s not allowed to sign up for or buy anything without showing it to me first after sending a lot of information to some very bad people.
In Japan, where I live, the Japanese and Chinese mafia both run phishing and extortion scams, they even have sites here they call “one click obligation” sites, where if you click any link on the site it runs through a fake signs up process which shows an animated gif which makes it look like you just agreed to pay for something and at the end it displays a bank account number for you to transfer money to, usually at least $500, and people actually transfer the money, no services received. But if you were unfortunate enough give out your telephone # or email you get contacted by some less than friendly people. You can hear an example phone call at http://www.youtube.com/watch?v=bBENSGykwwo
the video is actually from the news here where a “legal” big corporation who makes loans called this old man and threatened him, the screaming end of the conversation is the “company”, this story made big news here, but while that company is temporarily shut down there are at least 4 other big corporations who work the same way… gotta love a government controlled by the mafia.
I’d like to pretend we got rid of our problem by me toughing it out and threatening to kick their proverbial asses, but I just always pretended I couldn’t speak Japanese when I answered phone calls from them and they eventually got sick of it and gave up, mobsters = not the most multi-lingual bunch of people on the planet.
Comment by ttancm — August 31, 2006 #
> Anyway, my wife’s pretty embarrassed about the whole thing and made me promise not to tell anyone.
LOL
but I hope your wife doesn’t look like the asian fellow in the for real picture!
Comment by Nathan Friedly — August 31, 2006 #
[...] DreamHost Blog [...]
Pingback by Getting Nothing Done / DreamHost CEO Josh Jones’ Wife Falls for Phishing Scam — August 31, 2006 #
Have you thought of putting a freeze on your credit file with the three credit bureaus? There is a how-to on California gov page (it might not be possible in other states for some odd reasons — anyone know?):
http://www.privacy.ca.gov/sheets/cis10securityfreeze.htm
If you are used to apply for credit and/or open new bank account often, it can be a bit of a drag, but it can help protect you from the consequences of having been ‘phished’.
–Sylvain
Comment by Sylvain — August 31, 2006 #
Maybe your wife needs a spam filter?
Comment by Unofficial DreamHost Blog — August 31, 2006 #
Spam Filter for and against all women in this world! Yeah. Just imagine all the talk that would be blocked in real life.
Comment by not important — August 31, 2006 #
hilarious! thanks for sharing!
Comment by helge — August 31, 2006 #
[...] Nice story, Phishing Phor Phishers. [...]
Pingback by Phishing. — September 1, 2006 #
> Anyway, my wife’s pretty embarrassed about the whole thing and made me promise not to tell anyone.
Won’t tell anyone!
Comment by Matthijs — September 1, 2006 #
I have often thought about replying to those phishers with incorrect information but never bothered. I suppose thinking about it and what you did is probably the best thing to do.
If everyone replied to a phish with incorrect details it would swamp any phishae sent by gullible people. (not suggesting your wife is gullible)
$191,40 instead of $191.40 would be the wrong way in the UK as well. So that *proves* we are not in Europe :)
What would your wife do with an email from a Nigerian Chief who sadly had all his chickens killed but still managed to save $118,000,000.00 and just needs help to …
Comment by Norm — September 1, 2006 #
Heh - very entertaining as always. And I like the vigilante bent to it. I recently engaged in my own vigilante measures against a keyword stuffing, no good, trademark enforcing fool.
http://knaddison.com/seo/trademarks-and-keyword-stuffing
It’s nice when you can find someone using technology to screw people, and then use the technology right back on them.
Comment by greggles — September 1, 2006 #
Yeah, I always give out my credit card number to people who say they are going to give me money. Now my statement online shows really big numbers in red, so it must be working!
Comment by Ian Clifton — September 1, 2006 #
The #1 red flag for me was that the IRS would never send an email saying that they OWE money. Why? It’s way too fast.
They send it over land by carrier pigeons that can’t fly. That way they can collect as much interest on your money as possible.
Comment by Sheldon Kotyk — September 1, 2006 #
Update!
Yahoo Abuse is retarded!
I got a response from them this morning:
This was in response to my message:
Urgh.. where do email headers enter into it?!
And you thought our support was bad! :)
Comment by Josh Jones — September 1, 2006 #
Ask your wife to use Thunderbird, it’s got a nice scam detecting feature, there’s a button that shows up top of every scam positive email in case it isn’t a scam.
Shame on you for spamming though. Another one of those “ends justifying the means” arguments…
Comment by TB — September 1, 2006 #
The benefit of Josh spamming this guy is that he no doubt is some script kiddie in Bangladesh or wherever who has multiple phishing sites set up on multiple exploited servers.
Now he is getting polluted information, and will hopefully scratch the whole bunch because it will be too much of a pain to validate all of it.
*Hopefully*.
BTW, there is nothing wrong with spamming a phisher. In the same way that it’s not wrong for a government to “kidnap” and imprison a criminal, it is not wrong for a person to “spam” a phisher.
ESPECIALLY when it has a zero casualty liability.
Or maybe my view of vigilante spamming is a bit lax.
Comment by Nate Cavanaugh — September 1, 2006 #
Dude - that’s a f—ing brilliant response to a scam like that. Anyone can get taken — no matter how smart you are. I love flooding his mailbox with fake emails.
That should get Yahoo’s attention too!
Comment by CarlenLea — September 1, 2006 #
She gave out her social security number? I can understand a lot of mistakes, but that’s a huge one.
Comment by bwd — September 1, 2006 #
Wonderful entry! I’ll be showing this to everyone I attempt to explain phishing to! I especially liked the bit where you gave ‘em a taste of their own medicine.
Comment by blue_halo — September 1, 2006 #
Great thing you did. Wish I was savvy enough to do the same thing - I get 4 or 5 a week of those things.
Two more things going on at eBay I’ve experienced (but did not get caught): (1) you get a message looking like a question from a prospective buyer and the REPLY button takes you to a logon port where they collect your name and password, (2) you get a cashiers check for thousands more than the item you’re selling directing you to - after the check “clears” - send money to a third party by Western Union for “shipping” fees. That cashiers check is bogus, but will not bounce for two weeks as it takes the system that long to get to the listed issuing bank. You are then liable for the amount of the phony check. Nice.
Comment by AlanCase — September 1, 2006 #
Great story!
That’s going to all my friends as a way of educating/warning them about phishing!
Comment by aswmbo — September 1, 2006 #
[...] Phishing Phor Phishers [...]
Pingback by Blackmoor Vituperative » Phishing Phor Phishers — September 1, 2006 #
I was going to send the URL of this blog to some relatives, including my mother, to increase their awareness of Phishing, but there is uncalled for vulgarity in one of the messages, above, that make it imprudent for me to do so.
Too bad — this would have been quite educational for them.
Comment by Byron Canfield — September 1, 2006 #
I had a similar thing prepared. I work for a state government agency that is responsible for distributing large sums of money to people. We found out that someone was sending out emails from @yahoo.com.
Lots of people responded, apparently, so I requested a copy of the letter he was sending out. At which point I crafted a boilerplate response, then gave it randomization through xslt transforms so that it could not be filtered without removing useful data as well.
Then I incorporated all of this into an application called Azrael.exe. Unfortunately, working for the state or federal government involves numerous layers of obfuscation and responsibility, and by the time I had approval to do it, yahoo had shut them down.
Next time, however, I’ll just do it from home :D
Comment by anonymous government cog — September 1, 2006 #
[sigh]…
faze
phase
Comment by Spelling Fascist — September 1, 2006 #
You have to see the positive side: a couple of blowjobs and maybe some anal are in order.
Comment by Dirk Penus — September 1, 2006 #
[...] Jones’ wife thought they were due for a fat tax refund do to a courteous IRS email. She promptly emailed away their Social Security and Visa Check Card Number. Josh stated, “But, believe it or not, my wife is not stupid. In fact, she has a PhD from Harvard! “read more | digg story [...]
Pingback by Paper Brigade News » Blog Archive » DreamHost CEO Josh Jones’ Wife Falls for Phishing Scam — September 1, 2006 #
Can you post a copy of your script?
Might come in handy one day!
Comment by DV — September 1, 2006 #
They’re phishing for you; don’t bite….
Trackback by discarded lies - hyperlinkopotamus — September 1, 2006 #
Some companies, I believe ebay is one of them, say NEVER to respond to a click request in an email. Log into the company’s site and go to your account that way. I know not everyone operates that way. If I’m suspicious, I take the time to email the company’s abuse department and ask for advice.
P.S. I love Josh’s response, too.
Comment by shmu — September 1, 2006 #
It’s funny…how so well educated and smart people can be victim of phishing.
What about all of us…not so smart people? I won’t blame myself if I got phished some day..:)-
Comment by GPS — September 1, 2006 #
Okay, here it is… phish.pl!
    #!/usr/bin/perl
    use strict;
    use warnings;

    my $sendmail = "|/usr/sbin/sendmail -t";

    # Since this runs every 20 mins, let's let it randomize within 20 minutes when it runs.
    sleep 60*rand(20);

    # Pick one random name from names.txt (one name per line).
    open (IN, 'names.txt') or die "Can't open names.txt: $!";
    my @names = <IN>;
    close (IN);
    my $name = $names[int(rand(@names))];
    $name =~ s/\n//;

    my ($ssn1,$ssn2,$ssn3,$ccnumber,$expdate_month,$expdate_year,$cvv2,$pin) = &GetRandoms;

    foreach my $email ('phisher1@yahoo.com','phisher2@yahoo.com') {
        # Headers first, then a blank line, then the body.
        my $message = "From: thistlej\@server4.whmsecure.com\n"
                    . "To: $email\n"
                    . "Subject: IRS - Full\n"
                    . "\n";
        $message.="[ . . . : : : IRS FOUNDS : : : . . . ]\r\n";
        $message.="Social Security Number: $ssn1 - $ssn2 - $ssn3\r\n";
        $message.="Name On Card: $name\r\n";
        $message.="Card Number: $ccnumber\r\n";
        $message.="Expidation Date: $expdate_month / $expdate_year\r\n";
        $message.="CVV: $cvv2\r\n";
        $message.="PIN: $pin\r\n";
        $message.="[ . . . : : : IRS FOUNDS : : : . . . ]\r\n";
        $message.="\r\n";
        open (MAIL,$sendmail) or die "Can't run sendmail: $!";
        print MAIL $message;
        close MAIL;
    }

    # Returns random digits for every field of the form.
    sub GetRandoms {
        my $ssn1 = int(rand(10)) . int(rand(10)) . int(rand(10));
        my $ssn2 = int(rand(10)) . int(rand(10));
        my $ssn3 = int(rand(10)) . int(rand(10)) . int(rand(10)) . int(rand(10));

        # First digit 3-6; a leading 3 gets 15 digits in total, anything else 16.
        my $ccnumber = int(rand(4))+3;
        my $times = 15;
        $times = 14 if $ccnumber == 3;
        my $i = 1;
        while ($i <= $times) {
            $ccnumber .= int(rand(10));
            $i++;
        }

        # Month 1-12, zero-padded about half of the time.
        my $expdate_month = int(rand(12))+1;
        if (int(rand(2)) == 1) {
            if ($expdate_month < 10) {
                $expdate_month = '0'.$expdate_month;
            }
        }

        # Year 2006-2009.
        my $expdate_year = '0'.int(rand(4)+6);
        $expdate_year = '20'.$expdate_year;

        # Three-digit CVV, or four digits for the 15-digit card numbers.
        my $cvv2 = int(rand(10)) . int(rand(10)) . int(rand(10));
        if ($times == 14) {
            $cvv2 = int(rand(10)) . int(rand(10)) . int(rand(10)) . int(rand(10));
        }

        my $pin = int(rand(10)) . int(rand(10)) . int(rand(10)) . int(rand(10));
        return ($ssn1,$ssn2,$ssn3,$ccnumber,$expdate_month,$expdate_year,$cvv2,$pin);
    }
Comment by Josh Jones — September 1, 2006 #
The saddest part of the whole matter it that it wouldn’t be funny unless we all know at least one person who has fallen for such things. Trying to teach people to spot such things before they act is nearly impossible, the idea of getting something for nothing is always too tempting to the public as a whole.
Comment by Dave — September 1, 2006 #
“But, believe it or not, my wife is not stupid. In fact, she has a PhD from Harvard!”
Actually, my friend, your article makes her seem like the biggest idiot on the planet.
I hope she doesn’t realize that your post is on the Internet, otherwise you should prepare to sleep on the couch.
Other than that, thanks for the heads up.
Comment by Anonymous — September 1, 2006 #
Well done - I hope with all this work we can nab all of them one by one
Love the entire narration
Comment by Teeth Maestro — September 1, 2006 #
A PhD doesn’t absolve someone from every day shit. Your wife is stupid. Stupid is ignorant and ignorant is the only thing I can consider this.
Comment by GL — September 1, 2006 #
Dahaha, he messed with the wrong family.
Ps. Attending Harvard doesn’t make you smart. Getting there doesn’t mean you’re smart. But graduating from Harvard is a good sign you’re not a dumbass. =)
Comment by geoffreyhale — September 1, 2006 #
> It looked like from the URL that the phisher had exploited a
> hole in a photo gallery script he had installed. (Which is why
> we have mod security for our happy hosters!)
Could you point me to more information about mod security?
What was the photo gallery software he used, if I may ask? Was it Gallery, by any chance? I installed Gallery on my website because it’s one of the one-click installs DreamHost provides, which made me think Dreamhost thinks Gallery is a good choice both feature-wise and security-wise. Later I read somewhere that Gallery has security holes. And now your post made me wonder if the unwitting hoster of the scam site used the same software. I am quite worried about this scenario happening to me (i.e. unknowingly ending up hosting a scam site).
Anyway, can you please let me know what “mod security” is, and how do I use it, and how would I use it to help protect myself from this problem?
Thank you.
Comment by Elze — September 1, 2006 #
Wow, you write great blog posts. Just wanted to say I came from digg, nice story, and great hosting (I’m hosted with dreamhost.com as we speak).
Comment by Daniel — September 1, 2006 #
So, your wife doesn’t use Dreamhost as her email provider? I can tell, because she actually received an email sent to her.
If only you could provide the same for us…
Comment by DisgruntledCustomer — September 1, 2006 #
I have to agree: anyone with a PhD ought to know by now you *never* trust a link in email. I don’t even try to tell people how to tell if it’s good or not, because it can be hard to tell even for people who are experts. You can go to the known good url manually and login. If it’s legitimate, there will be info there that matches the email. And you never do anything financial that isn’t SSL protected and verified.
Comment by Vanyel — September 1, 2006 #
http://unitt.myby.co.uk/scam.zip
This is something I knocked together in about 10 minutes when I was really bored and tired of getting phishing emails.
I know it’s the most hacked together thing ever and you have to have popups disabled on your browser for it to work but I’m sure it will annoy the phishers, or at least fill up their mailbox with junk.
Comment by Chris — September 1, 2006 #
Visa check cards have the exact same protection as Visa credit cards. It’s in the fine print.
Comment by The Grubesteak — September 1, 2006 #
oh yeah, you’re going to have to change the form in scamkiller to match the form on the phishers site :)
Comment by Chris — September 1, 2006 #