"Frank Bures" <feeb@[EMAIL PROTECTED]
> wrote in message
news:fru7j5$nm5$1@[EMAIL PROTECTED]
> kujebak wrote:
> > On Mar 19, 11:47 am, Frank Bures <f...@[EMAIL PROTECTED]
> wrote:
> >> kujebak wrote:
> >>> Cool online game:
> >>> http://cups.cs.cmu.edu/antiphi****ng_phil/quiz/index.html
> >> All these games are crap. If I do not have an access to full headers
of
> >> the phi****ng E-mail any analysis is reduced to sheer guessing. I
wonder if
> >> authors of such games are not actually in cahoots with phishers as
not a
> >> single one explains the correct rules how to distinguish phi****ng
attempts.
> >> They are simple:
> >> 1.
> >> Read the headers
> >> 2.
> >> Use ARIN.
> >>
> >> Cheers
> >> Frank
> >
> > Frank, does it really matter where the e-mail comes
> > from?
>
> Definitely.
>
> For instance, if you receive an E-mail apparently from Royal Bank of
Canada
> from a server in *.cn, it's 100% forgery.
>
> > One could spend hours trying to figure out true
> > origin of the junk one finds in the inbox these days,
>
> More like couple of seconds.
>
> > often to no avail. All that matters is the embedded link
> > itself. I don't know about Gnome, and any of the other
> > Linux GUIs you might be favoring,
>
> GUI has nothing to do with it.
> BTW, I prefer KDE.
You mean it wasn't written by Yang Gui
of Kentucky Department of Education? :-)
> > but Windows makes
> > that very easy - right click on the link to bring up the
> > properties, then look for all the suspicious clues. Of
> > course it never makes sense to open any confidential
> > web site from a link in an e-mail. Any e-mail. That is
> > a rule *numero uno* :-)
>
> I agree. But that was not the point. Point was that you cannot
> distinguish a fake site judging solely by its name as the "game" would
have
> you believe [1]. Of course, if the site pretending to be Royal Bank of
> Canada is registered somewhere in Timbuktu or Lagos, that's your
> irrefutable clue.
> Hence - use ARIN.
>
> Cheers
> Frank
>
> [1] I remember some US banks using domain names that looked 100%
phishy.
> Yet, they were perfectly legitimate. It is amazing how sometimes people
go
> out of their way to make their mail look like spam. Couple of years ago
> some US states enacted legislations prescribing senders of commercial
> E-mails to put "ADV" or "Advertisement" in the subject line. Hence, I
had
> a filter that sent all such E-mail into a system junk directory. Some
1000
> or more of these during any 24 hours period. It worked perfectly well
> until the University Governing Council decided for no apparent reason to
> put "[ADV]" as a first group of characters into subjects of all their
> official mailings. Then the proverbial **** hit the fan pretty fast :-)
> FYI, I process some 150,000 mails a day.
>
> Cheers
> Frank
>
> --
>
> <feeb@[EMAIL PROTECTED]
>
|
