Phishing Morality Question Log Out | Lost Password? | Topics | Search | Who's Online
Contact | Register | My Profile | SO home | MOL home

M-SO Message Board » Technology & The Internet » Archive through June 21, 2006 » Phishing Morality Question « Previous Next »

  Thread Originator Last Poster Posts Pages Last Post
  ClosedClosed: New threads not accepted on this page          

Author Message
Top of pagePrevious messageNext messageBottom of page Link to this message

Rastro
Citizen
Username: Rastro


Post Number: 3344
Registered: 5-2004


Posted on Friday, June 9, 2006 - 11:31 am:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
Whenever I get a phishing email, I go to the site to check it out. Have they been aken down already? Can I identify the network it's on? Is it an amateur who left some personal info around? etc.

I recently went to one, and when I went back through the directory tree, I found hte text file that is storing the personal info of the few people that actually entered their info. Email and snail mail addresses, SSNs, credit card #s, amazon passwords, etc.

Should I email these people and let them know, or let it go? I've already contacted PacBell, the ISP on which the server is running.
Top of pagePrevious messageNext messageBottom of page Link to this message

Dave
Supporter
Username: Dave


Post Number: 9826
Registered: 4-1997


Posted on Friday, June 9, 2006 - 11:36 am:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
I'd think a law agency might be better. Local FBI bureau, perhaps?
Top of pagePrevious messageNext messageBottom of page Link to this message

Rastro
Citizen
Username: Rastro


Post Number: 3345
Registered: 5-2004


Posted on Friday, June 9, 2006 - 11:45 am:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
I hate to say it, but I'm not that motivated to pick up the phone. I'll check to see if the FBI has an online submission form or email address to forward it to.

But should I let people know? or let the cops do that?
Top of pagePrevious messageNext messageBottom of page Link to this message

Monster©
Supporter
Username: Monster


Post Number: 3526
Registered: 7-2002


Posted on Friday, June 9, 2006 - 11:49 am:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
http://www.ic3.gov/

Welcome to IC3
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C).

IC3's mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. read more >>
Top of pagePrevious messageNext messageBottom of page Link to this message

Rastro
Citizen
Username: Rastro


Post Number: 3346
Registered: 5-2004


Posted on Friday, June 9, 2006 - 11:57 am:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
Yeah, I just submitted it there. Though it seems more geared to people who have actually been victimized.
Top of pagePrevious messageNext messageBottom of page Link to this message

tom
Citizen
Username: Tom

Post Number: 5071
Registered: 5-2001
Posted on Friday, June 9, 2006 - 12:37 pm:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
Those people are about to be victimized. Why not shoot off a message to the whole bunch telling this story?
Top of pagePrevious messageNext messageBottom of page Link to this message

wnb
Citizen
Username: Wnb

Post Number: 406
Registered: 8-2001
Posted on Friday, June 9, 2006 - 2:11 pm:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
If it were me, I would certainly appreciate it if you had dropped me a note.

Top of pagePrevious messageNext messageBottom of page Link to this message

Rastro
Citizen
Username: Rastro


Post Number: 3349
Registered: 5-2004


Posted on Friday, June 9, 2006 - 2:21 pm:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
I did. I emailed the three people whose information was still on the site. Apparently the person who set it up was pulling down the file periodically, since the names in the file changed a few times.

I also contacted the FBI and the ISP. Now let's check and see if the site is still up...

Yup.. though it appears that most of the people submitting info now are entering fun things like this:

F-- you, hole...

BTW, I love the URL... (yes, that's a valid URL)

http://1200439801:82/ (subdirectories truncated for safety)
Top of pagePrevious messageNext messageBottom of page Link to this message

Rastro
Citizen
Username: Rastro


Post Number: 3352
Registered: 5-2004


Posted on Friday, June 9, 2006 - 3:40 pm:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
Got an email back from a vic:

Quote:

Dear Joe,
Thank you so much for your warning email. I appreciate it very much.
Would please tell me how this information came to your attention, and
suggest any precautions I might make regarding the soc.sec. info?
Sincerely,
xxxx



I explained about the credit reporting agencies, to contact his credit card company, and how to spot phishing web sites. I'm really amazed somsone would fall for this, though. The URL barely tried to appear to be from Amazon.
Top of pagePrevious messageNext messageBottom of page Link to this message

Monster©
Supporter
Username: Monster


Post Number: 3537
Registered: 7-2002


Posted on Saturday, June 10, 2006 - 2:54 am:   Edit Post Delete Post Print Post    Move Post (Moderator/Admin Only)
there are just too many people people out there that are just not savvy, never mind being phishing savvy.

Topics | Last Day | Last Week | Tree View | Search | User List | Help/Instructions | Credits Administration