Note - An Analysis of Bank Phishing E-Mails

 

A note is now available for downloading and distribution on this subject.

An Analysis of Bank Phishing E-Mails
Feel free to read and distribute as you require.

Vonage

 

I've just connected my Vonage account.

It was very easy. I just plugged the special connecting box into my network hub, waited for it to download the IP address and software from Vonage and then plugged an ordinary phone into the box.

It worked first time.

What do I like :-

• The instant billing happens as soon as you put the phone down.
• The answerphone is totally web-based and gives a list of all messages left. Think of it as very like a WebMail interface.
• The costs look good too.

On the negative side, I phoned a mate in South Africa and it was a bit tinny and delayed. But it was 6p. a minute.

So it looks good.

I'll keep everyone posted.

Spam Fighting with Outlook 2003

 

I have recently changed to Outlook 2003 in order to test out the spam filter.

As I learn more and more about Outlook 2003, I can honestly say that the program is an order of magnitude better than Outlook XP.

My method of working is as follows :-

• I have the Junk filter in Outlook 2003 set to Low. This seems to stop most of the spam, which it places in the Junk E-Mail folder.
• I have the Junk E-Mail folder ordered by From, so that I can do a quick scan to see if anybody there is a friend not a spammer.
• Every so often I move the contents of the Junk E-Mail folder to my spam store, where I hold every message I get. This may seem daft, but I analyse it for patterns.
• A normal sane person would delete the spam.
• If I find a message in the Junk E-Mail folder, which is not junk, I just mark it as such and Outlook 2003 can be set to remember the name.
• All of this means that Outlook 2003 has quickly learned who are friends and who are foe.

Excellent!

An Analysis of Bank Phishing E-Mails - Co-operative Bank

 

For the last seven days, there have been just two attacks on Barclays customers!

Instead, the Co-operative Bank now seems to be a target, through e-mails which point to www.cooperative-banking.com, which is registered in California.

They are all the same.

Most of them are to a series of generated e-mail addresses on daisy.co.uk. Again, someone has been conned into buying a list of worthless e-mail addresses. So we have two and possibly more levels of crook.

View the Latest Bank Phishing Data!

An Analysis of Bank Phishing E-Mails - Barclays

 

It really is amazing that Barclays customers have been directly targetted in this way. Is it because Barclays has more customers? Is it because their customers are more vulnerable? Is Barclays security not as good as other banks?

I don’t know and can only guess.

The good news is that as from the 19th, the amount of phishing scams seem to have dropped significantly. Interestingly since then, ninety percent of the e-mails seem to be very amateurish with very bad spelling.

The last two e-mails to Barclays on the 28th and 29th are almost a joke. One points to a domain in Australia and the other to one in France.

If anybody is stupid enough to be taken in by either of those, they deserve to be conned.

Tip - If you are using Outlook 2003, move the mouse pointer over the link and the program will tell you the real link. If it's not Barclays, then don't click it.

View the Latest Bank Phishing Data!

An Analysis of Bank Phishing E-Mails

 

I collect spam and bank phishing e-mails in particular.

I should say that as I have had an Internet presence since about 1992, my e-mail addresses at daisy.co.uk have been severely compromised. They have been distributed to virtually all of the spammers, whether they are in the US, Russia, Eastern Europe, China or elsewhere.

To make matters worse, but much better for the purpose of collecting spam, some bright spark has generated lots of e-mail addresses based on daisy.co.uk, so they can tell the crooks that they’ve sent many times more than they actually have. Sometimes I get twenty or thirty copies of the same message to different addresses. Most of these addresses bear no relation to reality, typically being something like fred_smithth@daisy.co.uk.


To illustrate the scale of the problem, I’ve taken just one source of spam; bank phishing scams, where criminals are trying to get details of bank accounts through fake sites.

In the graph, blue are messages supposedly from Barclays, red shows the Co-Operative Bank and yellow shows all the other phishing attempts on other banks. I have included messages to about ten domain names, most of which are .coms, in addition to daisy.co.uk.

This Blog

 

This blog is the update system for the book, where I can post comments, add new topics and others can reply.

I can also introduce topics that perhaps shouldn't be in the book. Or perhaps some that are an ongoing story, that needs to be updated on a periodic basis.

Publishing with Lulu

 

Making the Most of the Internet has been published on Lulu.

This is a simple system that allows you to take a document file, such as one created by Word and make it into a publishable book. The document is just uploaded, you set a few parameters and it is published.

There is only a small charge to get it into the various book indices.

When anybody wants a copy, they go the Making the Most of the Internet page, choose a download or a printed copy and then pay for it just as one would at Amazon.