Shady spammers getting more creative with links
- Posted September 4th, 2008 at 10:56 pm by Ryan
- Categories: All-New Mail, Anti-Spam, Classic Mail, General, Security
It’s dawning on me that the shady emailers have no intention of dialing back their malicious messages, so I might just have to ramp of the amount of warnings I post here. Take that “Mr. Rasim Hassan of Burkina Faso”!!! By the way, no offense to any actual Rasim Hassans out there. It just so happens that the most recent “claim these millions” style message came from a Rasim Hassan.
While I’m hopeful that more and more users are aware that Yahoo! lotteries asking for your personal dossier, as well as wire transfer requests to receive unclaimed fortunes, are dangerous, it could be even more important that people recognize the dangers of deceptive links in messages.
You’ve often been warned about clicking links within unexpected emails. A common approach is to link you over to a spoofed login page to collect your password. In the beginning scammers didn’t worry much about what the link looked like. Once people began looking more closely at the domain in the hyperlink the scammers started creating links that looked like they pointed to one place, but when you put your mouse over them you would see that the link actually directed you elsewhere.
Now, the NY Times has reported that malicious spammers are finding new ways to make their links look more legitimate. The latest trend is….(drumroll)….free web services!
Jeremy Kirk, in a recent story from NYTimes.com, explains:
One of the services, a photo-hosting site called ImageShack, lets people upload different types of photo formats, including Flash files, said Paul Wood, a senior analyst with MessageLabs.
Flash files, which have the extension “.swf”, can be used for animated graphics and can also be used to automatically redirect people to other Web sites. That feature can be abused.
I recommend checking out the complete story, when you have a chance. But also remember that whenever an email directs you to a site (typically where you have an account and would need to login), you should instead visit the site via typical methods (bookmark, typing URL by hand, even a web search). If there is something significant going on with your account they will usually tell you when you login. If you feel that you absolutely HAVE to click on the link in an email you should examine it closely before clicking on it!
- Subscribe via RSS
- 40 Comments
September 5th, 2008 at 7:50 am
two comments:
1.- can you make the button “SPAM” a drop down with two options (report pishing and spam), defaulting to the current behaviour ?
2.- can you put the links of e-mails reported as spam by users in a DB, compare links in e-mails against these reported links in the DB and warn the user when the user clicks it ?
September 5th, 2008 at 8:13 am
Hi jam-one,
Thanks for the suggestions. For our savvier users it could be very useful to label reports as “phish” or regular spam, however I think a large number of users still don’t truly understand the differences. I’ll check with the anti-spam team to see what they think.
With regard to the links question. I think our systems make efforts to block messages altogether if they contain links that have been confirmed to be fraudulent, however I’m not sure how the logistics work if a message has already been delivered by the time it was reported. Will look into that too.
-Ryan
October 11th, 2008 at 6:59 pm
Does anyone know why the security Sign In Seal disappear again and again. Anyone have this problem?? How to solve it?? Thank you PS I am new to this and not sure if I am doing right.
September 5th, 2008 at 10:00 am
What really gets me is those idiots that like to fill your inbox up with foreign lotteries and heirs to them with millions of dollars.
The only bad thing is that when the user hits the spam button, it fills up the spam box fast. In the past 2 months I have had to empty my spam box cause of all the spam. Is there any way you’ll could make the spam box endless? I am tired of them idiots coming back ALL the time.
September 5th, 2008 at 5:04 pm
hear hear, I’ve been hit with these same messages so many times, I usually just look for only the most neccesary email & s***can the rest!!
September 8th, 2008 at 12:08 pm
Lately I’ve been hit with an increased number of phishing emails claiming to be from various banks, eBay, PayPal, etc. Each claims that my account access has been suspended due to suspicious activity and that I should follow the link to correct the matter. Of course, the link is not in the proper domain, and usually the message is not from an organization I have an account with and I ignore it all.
HOWEVER, one got me doing a lot of work: It looked like a message from my credit card issuer and said my account was suspended, etc. It had an 800-number to call to clear up the matter. Hmmm…no suspicious link, all the right logos, etc. But the number wasn’t the usual Customer Service line. Using an office phone with caller ID blocked, I called the 800-number. An automated voice said “Please enter your card number”. No welcome message, no identification of the bank, nothing. VERY STRANGE. So I hung up without entering anything, called the regular customer service line and told them the story. Yup – all faked and many customers had already been duped into giving up the card number and PIN before becoming aware of the scam.
STAY ALERT!
Opher
September 5th, 2008 at 9:24 pm
I am not sure that this is the answer to the question you asked, but I wanted to share what I did to help ease the time spent just cleaning things out of e-mail.
. After you log into Yahoo mail on the top right hand side of the page there is an options button where you can make some additional tweaks to how you want to view email. I went to the spam folder and asked that my inbox be automatically scanned for spam and had it sent to the spam folder where I can have it emptied once a week.
I was still getting alot of spam after also adding alot of e-mail addresses to the block list, so I went to the mail filter also under options, and there I was able to create the words and phrases found in e-mails that I wanted filtered directly to the spam folder. I had everything with the subject lottery, or anyone who headed the letter to “Dear Friend”. I have no friends that email like that. It was easy to do and have not had any issues since. Very cool option. Check it out, and I hope I was able to help you and hopefully I understood your question correctly.
September 5th, 2008 at 10:51 am
I think that anyone that gives out their personal information(bank routing number, ss number, home address, etc.) to unsolicited e-mail is not running on all cylinders. To paraphrase 2 cans short of a 6 pack. If you don’t know who it is sending it, delete it! Simple as that!
September 5th, 2008 at 5:06 pm
but some of those are soo tempting!
September 5th, 2008 at 3:01 pm
Here’s an idea – borrow Google’s spam filter because clearly Yahoo’s sucks so much that you have to blog about how much spam Yahoo users receive. It’s simply unacceptable. I’ve written to Yahoo administrators about this issue numerous times and nothing has changed. I’m switching over – see ya!
September 5th, 2008 at 5:07 pm
Like I’ve said before, I can see what’s important, and can the rest.
September 5th, 2008 at 8:45 pm
Oh’ come on folks…it’s just like politics..they all have their faults! It is up to “you” to pick the one that works for “you” !!!! Criminals and their kind will always find a way to hurt someone.
September 5th, 2008 at 9:37 pm
If it’s too good to be true, that that’s what it is!
The unfortunate part is that alot of the elderly have fallen for these scams. The scammers must think we are a bunch of dummies over here. SURE, I believe that some stranger in BFE wants me to have all their money! PLEASE
September 6th, 2008 at 7:37 am
I have NO problems with the yahoo SPAM filters. The problem I do have with yahoo, is that some time back, when they were “improving” things, they changed the way headers are handled and now, you can’t foward the headers (complete or otherwise) unless you send the entire message as an attachment. I’m very proactive with fighting spammers. I use the site Spamcop to report all spam that I receive. It may not stop spamming altogether, but it makes life harder for them and eventually, some do get penalized.
But, with Yahoo, I try to forward messages that involve either an actual yahoo account, or someone spoofing a yahoo account. But now, in order to do that, I have to get creative and cut/paste the headers into the message to send it back.
September 6th, 2008 at 7:39 am
I open a yahoo email address years ago to use when I didn’t want to give out my personal email address, this worked out well because somehow my yahoo address got out (imagine that). Yahoo’s anti-spam works well, I glance in my spam folder every couple of days and empty it all at once, love that feature. Very little spam reaches my inbox and any good email rarely gets sent to spam. The ONLY links I connect to from any email are the ones from my friends, seems to be the safest way.
September 6th, 2008 at 12:37 pm
I like this service but why does it take sooo long for sent mail to be recieved at the other end?
September 6th, 2008 at 2:56 pm
I don’t have that problem Ken. I’ve used Yahoo, as does my husband and we’ve never had any problems with speed, as a rule. Of course, there’s an occasional glitch, usually connected with my yahoo group mail, but otherwise, no speed problem here. Could it be your isp is slowing things down?
September 6th, 2008 at 1:29 pm
Almost all of the come-ons I receive come to my in-box, very few to my spam folder. I think this is because the first one I received caught me off guard. For some reason I never get any at my personal e-mail address, just the one for my band. I have saved them all in a folder labeled “scams”, hoping to be able to get some law enforcement agency interested in them. I forwarded one of them allegedly from the Bank of Africa to a friend who is an officer at said bank with no results except to confirm that there was no such person at the BOA; I tried to report them to Interpol on-line, but couldn’t get my message to transmit. If anyone is interested, now is the time, because after reading all this, I am about to give up and just delete them all.
September 6th, 2008 at 3:04 pm
One more thing that I love about my Yahoo email. This may be a premium feature, but since I have Verizon/Yahoo DSL, my free yahoo account gets the premium benefits.
Anyway, I love the disposable addresses. You select a contant “prefix”, which is followed by a “-” and then you add whatever special characters next, followed by the normal @yahoo.com For example:
Tossit-Youtube@yahoo.com or Tossit-Myspace@yahoo.com
You get the picture. You can also have the mail that they send to that address filtered into a special folder, or to your inbox. It all goes into the same box as your regular email address. This way, if your address gets out or if you can’t manage to get someone to remove you from a mailing list, you just delete the disposable address and viola! no problem. I must have 20 or 30 disposables set up right now.
September 6th, 2008 at 5:31 pm
I’ve got some stuff that keeps getting sent to me that I’d like to stop. It gets sent in my inbox. How can I report it so that they will stop. I report that they are spam but they keep coming. Some of it is very offensive.
September 6th, 2008 at 8:41 pm
I use MS Outlook for my e-mail retrieval. I want to set up another e-address, but when I did this, both the new and the old address were coming through the same “pop” address. What I’d like to do is establish a new e-address that I can give out to friends/relatives, and leave the old one for spam/junk. How would I go about doing that?
September 7th, 2008 at 1:14 am
Absolutely!
You don’t know the sender? Delete it!
Any case; hi anyone out there want to give me money? I’ll give you my lawyer’s number, he will take care of all the IRS and sundry details.
Love to y’all.
September 7th, 2008 at 4:22 am
inre the full headers forwarding. I too like to report “phishing” email. I select “full headers” and then cut them and go to forward and then paste them into the email and then select recipients and forward. I forward them to the following and to the organization being misrepresented.
Commission, Federal Trade – spam@uce.gov
Fraud, Earthlink – fraud@abuse.earthlink.net
Group, Anti-Phishing Working reportphishing@antiphishing.org International, Fraud Watch – admin@fraudwatchinternational.com
I got an email in my AIM account this morning that was disguised as a reminder from Yahoo! Calendar. This is a first for this type for me.
September 7th, 2008 at 9:49 am
If the yahoo spam blocker is supposed to learn what type of spam to block it recieves a triple” F ” because the only thing it has blocked to date is my legit banking mail. And when I asked yahoo for help some real wizard pretty much told me I was S.O.L. Thanks for not alot!!!!!!
September 14th, 2008 at 6:22 am
Me too. This yahoo dude told me to check out this site for the answers. He must work for the spammers. I’m not new to this org. but the filters are not working properly and I’ve recieved 300 plus porn and lottery spam within the last week or so. This is unacceptable and someone from Yahoo should get on the stick and deal with the issues here. Where’s Mark when we need him? Come on guys work the problem. Give us a resasonable solution to all this spam getting thru your filters. And don’t send our contacts email(banks,credit cards and friends) to spam, which they have done to me as well, and keep the porn sites in my inbox.
September 30th, 2008 at 8:43 pm
Mr C,
I have the same exact problem, and have NEVER been on a porn site ever, not a 48 year old married lady, no thank you! Even my Messinger box is filled with them and I have a Premium account also.
All of my trying to get help from Yahoo has done nothing but lead me to the Q&A pages….I have my blocked addys totaled out, and still they get through. I can not get a refund on this Paid account that my friends can not get through cause all I seem to do is wipe out whole pages.
I am going back to Gmail and other addys, but is hard after 4 years using the one account for everything, even all of my groups.
And how was I not invited to this new forum meeting? I have two premium Yahoo accounts but no invite?
September 7th, 2008 at 10:00 am
I have received several e-mails from the “FBI” about it being alright to accept the offer of millions of dollars from known scam artists that they are watching. I know it is a lot of bunk but other people may not be as aware of the situation.
September 8th, 2008 at 12:26 pm
It can also be the other way around. I recently sent a newsletter to users of a forum which have e-mails mostly on yahoo and I have been reported that it got into their spam folders. It’s not in English, it had only two pictures, anyway, I don’t know what it had wrong so that it was considered spam.
I am curious if there is a guide to avoid your legitimate message from being treated as spam.
I’m kind of sad because it happens for me about one time a week to receive spam in my Inbox (Yahoo mail, as well) but when I try to send a legitimate newsletter, it’s being cast away in Spam.
September 9th, 2008 at 1:27 pm
how about those “your are the upteeth visitor, click for your free gift cirtificate”? they are on the actaual yahoo mail page. they are not a free ift cirtificate. you have to pay for something or subscribe to a trial service that will cost you if you forget to cancel it in time. this is advertising on the yahoo webpage while you are reading your mail. but it is a scam. does yahoo endorse scaming their customers?
September 12th, 2008 at 1:02 pm
whoa so true sooooo true!!!:) :) :)
September 10th, 2008 at 1:01 pm
I support the phish/spam options that jam-one suggested above- after all, most Yahoo users’ll know the difference. I’m 11, and pretty stupid for 11, so… Besides, it always annoys me when I see some phisher mailing me and I have to report it as “spam”, even though it’s really a phishing attempt…
Anyway, back on topic.
mike- As far as I understand, the ads are on a pay-per-click ad system such as AdBrite or Google Ads. (The one on Yahoo is probably a private system owned by Yahoo that businesses- or, in this case, fake businesses- can apply to.) There’s no screening or moderation approval- if you apply, you get as soon as you click the activation link. There are probably very few ToS relating to said ads, mainly because, well, something like Yahoo must cost a lot to keep up, and if people are signing up, there’s a pretty high chance that they’re giving Yahoo money, because some poor person will click their ad. If you ran a paid ad service, and your site was running out of money, and a gangster came up and asked for some ads, if you had half a brain cell, you’d accept, right?
September 12th, 2008 at 1:01 pm
I totaly agree wit ya you have an awsome mind i mean i cant beleve it i have a dumb mind i ran into my garadge door and i was so messed up i could not see for 2 hours so you rock!!!:) :( :) :) :( :) :) :(
September 13th, 2008 at 2:55 am
Why don’t you add Challenge Response option?
September 27th, 2008 at 2:40 pm
i have gotten so many emails from these banks, people etc. they get to my inbox and my spam, ive figured out which ones are spam. i dont even both to open, i just delete it. if i open thinking that its about what i have put on craigslist for sale, and its not, i just put it back as unread and delete it!!!
October 3rd, 2008 at 1:30 am
hai i have another question why the yahoo mail beta one can’t send email more than 20 people? i have to go back to the old one then i can send it
October 4th, 2008 at 12:18 pm
Why is it, and what do you do, when you are getting email spam from yourself, selling money, sex, pills, etc. I mean, this is coming from my own email address and I didn’t send it!
October 15th, 2008 at 9:25 am
i received this as a email. “baby please please talk2me” now my husband uses this email box for him self. i was really concern when i seen this as his past isn’t the cleanest ( with women).later that night i went on to yahoo IM this is what was said:
You currently appear offline to melodymex4.
husbands site name: hey you
melodymex4: i’ve been trying to talk to u 4 months, nothing is working
melodymex4: i found this cool site where we can chatt
melodymex4: I really am in love with you and i want to explain but just trust me
melodymex4: i dont’ know if my last message went though, if not then go to my profile and you can see the website im talking about.
melodymex4: its not dirty… i quit all that.
i still don’t know if this was spam, and i would like to know where i can go to find out. thank you ..blues
November 6th, 2008 at 12:54 pm
Same thing as Valerie posted on Oct. 4th–Something gets in my yahoo address book and sends spam messages to everyone in my address book using my email address as sender and deletes all names in my address book when it does also. Any one have an answer whats going on or how to get rid of?? HELP HELP
November 18th, 2008 at 7:16 am
A few years ago I received an email using the logos of eBay. I knew it was phishing, but was SO ticked off that I looked up ALL of the IP addresses from the full headers. I then sent emails to the webmasters of each domain informing them that a) they had a phisher/spammer using their network & b) this phisher/spammer was violating copyright by using the logos of eBay in their solictation. One of my emails was sent on to the police in Spain. Several months later, the Spanish police opened a fraud investigation and busted the ring.
November 19th, 2008 at 5:54 pm
The last number of months I have been getting Spam from drug companies from all over the world. I mark them spam, block the addresses, and yet, still get the same ones over and over. Your spam guard either isn’t doing its job or it just isn’t effective. Please upgrade and make blocking just a click away. Thank you.