Reporting Phishing

Rinkhals

Rinkhals

Senior Member
Joined
Feb 10, 2006
Messages
514
Reaction score
15
Location
Johannesburg
Normally if I receive a Phishing email purportedly from ABSA or FNB or someone, I just junk it.

Then it occurred to me, why not report it so that the saddo who wrote it can get arrested?

So I googled "how to report banking phishing" checking the "Pages from South Africa" radio button.

No useful results.

So who do you report phishing to? Or are we so behind the times that we have no way of identifying the perps?

I mean, if the cops can get to the hosting website quickly enough, they can probably get enough information to identify the owner. Or is that beyond them?

Obviously you and I don't get taken in by these scams, but it pains me to think of the elderly and vulnerable who might actually give their banking details to these crooks and get robbed of what little the have....
 
I know Standard Bank have an email address you can report phishing attempts to - I think it's [email protected].

I would assume other banks have something similar; although how much they actually do about any emails received, or how long it takes, I don't know.
 
From the FNB site -
If you suspect that your confidential information has been compromised, please do not hesitate to contact our dedicated Fraud Team on 011 303 0960 or email [email protected]
Click to expand...
 
Well, it just shows there's an opening in the market for a tech savvy security person. Create a website to report the phishing attempts and deal with it by finding the source and host.

We might see a next mini Mark Shuttleworth some day ;)
 
The problem is that the mail is sent by a botnet infected computer.

You can easily trace that mail back to some poor sod in Country X who forgot to turn on their updates/antispyware/antirootkit/firewall/etc. but you cannot take it further than that.

Even the reply to address and urls in the mail are just a zombie computers that will relay that data back to the botnet owner.

And do not even think of taking on the botnet owners...

http://www.informationweek.com/software/showArticle.jhtml?articleID=201804528

You do not want to mess with these guys. :eek:
 
Well, the email isn't the problem, the phishing site itself is, that's my point. Stuff the email to an extend, it's the site which harvests the details ;)
 
Email the site owner to have it taken down maybe.

I doubt that you will be able to take down the dude that set up the site though.
 
HavocXphere said:
Email the site owner to have it taken down maybe.

I doubt that you will be able to take down the dude that set up the site though.
Click to expand...

And get more phishing emails by emailing the site? Doesn't compute dude.

You take the site down at the host, you take the host down at ISP level, forcefully.
 
Most of the phishing sites are hosted on some dodgy international server as well - you need to contact the ISP who owns the IP.
 
teraside said:
And get more phishing emails by emailing the site? Doesn't compute dude.

You take the site down at the host, you take the host down at ISP level, forcefully.
Click to expand...

I have been a bit Idle the last couple of days :o, but I'm back ;)

Back in high school I would do exactly this in my spare time. I had fun with all the Phishing emails I got.

Steps I would follow:
1) Check where Exactly the email was sent from (email headers) or what return address was hidden in there. If it was hotmail/yahoo etc etc I would report this to them - I was always surprised as to how quick they acted on these things.

2) If there was a phising website included in the email, I would first try and report the website Directly at wherever the site was hosted (I lived in a few WHOIS servers back then ;) ). Then I would also report the site to like PayPal or whoever was the target. If it was local Banking sites, I would of course Just report this to them directly and wont bother with Step 3 below.

3) I would end off my mission by reporting the site to the fbi as well.


Worked for me - Was quite fun for me to do this, and rewarding to see a site being Dead after a few hours of patience! :D
 
As pointed out above, the problem is an international one.

The best is to report these phishing mails to:
http://www.castlecops.com/sirt

These guys will make it go away.

Likewise they have a link for malware and spam.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X