phishing attacks against ISPs (also with Google translations)

Gadi Evron ge at linuxbox.org
Wed Mar 25 11:17:19 CDT 2009


William Allen Simpson wrote:
> I've not recently seen an ISP account phish here.  The last one I remember
> was circa 2003.  It was a dictionary attack, arriving at my [email protected] account
> (long since rendered useless by spam volume and terminated).
> 
> However, I don't save phish/spam anymore.  I used to save everything --
> providing many of the examples for http://fraudgallery.com/ -- nowadays,
> just daily scan for false positives, report monetary phish to the few
> ISPs that actually promptly close down bad actors, and delete the rest.

One of the responses off NANOG was very interesting. I will attribute 
after asking for permission to re-post.

The guy mentioned the concept of sending warning emails to customers to 
begin with. His opinion is that it is a mistake, and only causes 
confusion. On top of that it raises support desk costs as people call in 
  for explanation, as well as to report new fraudulent emails they see 
while in the past they mostly just ignored them.

I hope to get more feedback on the matter, and see if other folks have 
the same experience.

> Good luck, Gadi.

I appreciate your feedback, I had no idea ISP phishing goes all the way 
back to 2003.. although dictionary attacks may not be best defined that 
way. Definition discussions are boring though.

Danke,

	Gadi.




More information about the NANOG mailing list