phishing attacks against ISPs (also with Google translations)
ge at linuxbox.org
Wed Mar 25 11:17:19 CDT 2009
William Allen Simpson wrote:
> I've not recently seen an ISP account phish here. The last one I remember
> was circa 2003. It was a dictionary attack, arriving at my [email protected] account
> (long since rendered useless by spam volume and terminated).
> However, I don't save phish/spam anymore. I used to save everything --
> providing many of the examples for http://fraudgallery.com/ -- nowadays,
> just daily scan for false positives, report monetary phish to the few
> ISPs that actually promptly close down bad actors, and delete the rest.
One of the responses off NANOG was very interesting. I will attribute
after asking for permission to re-post.
The guy mentioned the concept of sending warning emails to customers to
begin with. His opinion is that it is a mistake, and only causes
confusion. On top of that it raises support desk costs as people call in
for explanation, as well as to report new fraudulent emails they see
while in the past they mostly just ignored them.
I hope to get more feedback on the matter, and see if other folks have
the same experience.
> Good luck, Gadi.
I appreciate your feedback, I had no idea ISP phishing goes all the way
back to 2003.. although dictionary attacks may not be best defined that
way. Definition discussions are boring though.
More information about the NANOG