-
Ask a question and get free supportUnlock new privileges and see hidden discussionsWin prizes and earn reputation
-
Question of the day ~ How often do you braai?
-
Afristay giveaway.Win a 2-night stay for two people at an establishment of your choice with R1,000 in spending money. Enter here.
Sign up with GoogleSpoofing absa.co.za domain?
- Thread starter DearHeart
- Start date
Please have a look at the header below from one of the many emails I received, it seems to genuinly come from the absa.co.za domain?
DearHeart
Expert Member
- Joined
- Jun 22, 2005
- Messages
- 1,423
Thanks guys, bit more tricky than I thought. But how do I blacklist the addys since the don't really come from absa.co.za? I.e., if I block customer.securityalert@absa.co.za will it actually stop the emails from coming through? I've already blocked some of them, some gets caught in the server spam box but others still get through.
The_Unbeliever
Honorary Master
- Joined
- Apr 19, 2005
- Messages
- 103,196
Don't do that - you might block legitimate emails.
1. You can use blacklisting to blacklist email servers who should not be sending spam.
2. You can add the server's IP to your own blacklist - it'll drop ALL emails originating from that server
3. Install spam filtering software to filter out spam.
The_Unbeliever
Honorary Master
- Joined
- Apr 19, 2005
- Messages
- 103,196
I'm shameless by promoting my own blog on spam : http://mybroadband.co.za/vb/entry.php?73-Fighting-Spam-Part-1
DearHeart
Expert Member
- Joined
- Jun 22, 2005
- Messages
- 1,423
OK, I suppose I can block *@sainsbury.fr, Hetzner's blacklist does not cater for IP addresses. Outlook does catch the spam, just hate to see it there!
DearHeart
Expert Member
- Joined
- Jun 22, 2005
- Messages
- 1,423
Mmmm... I don't have Exchange server, you gotta put something there for the ISP based servers ;-)
- Joined
- Oct 2, 2008
- Messages
- 349
Hi DearHeart
The best solution would be to implement SPF. Speak to your isp about implementing this for if they do not already have it setup else ask them to review the spam weights for domains that fail SPF
The best solution would be to implement SPF. Speak to your isp about implementing this for if they do not already have it setup else ask them to review the spam weights for domains that fail SPF
Nerfherder
Honorary Master
- Joined
- Apr 21, 2008
- Messages
- 29,703
I got that mail as well, outlook security actually removed the link and flagged it as a phishing email.
DearHeart
Expert Member
- Joined
- Jun 22, 2005
- Messages
- 1,423
@ server-admins.net: I'm with Hetzner, their spam filter works quite well, but some of these ABSA spoofs still comes through, and they are all basically the same.
@ Nerfherder: Same here, otherwise I might have opened the email and posted my account details, personal information, Swiss bank account numbers.... not!
@ Nerfherder: Same here, otherwise I might have opened the email and posted my account details, personal information, Swiss bank account numbers.... not!
AnomalyNexus
Senior Member
- Joined
- Nov 29, 2009
- Messages
- 710
With a bit of knowledge one can spoof the From field using a clean windows install without any tools.
The best way to detect phishing is to pick up the phone and call absa when in doubt.
The best way to detect phishing is to pick up the phone and call absa when in doubt.
- Joined
- Oct 2, 2008
- Messages
- 349