[Scspamcop] Re: Moral obligation to phishing victim?
Scott Grayban
REMOVE.sgrayban at REMOVE.gmail.com
Thu Apr 5 16:51:13 EDT 2007
I would also forward the info to the PayPal security team as well.
Include the URL you got the info from.
Kenneth Brody wrote:
> Peter Pearson wrote:
>> On Thu, 05 Apr 2007 11:38:51 -0400, Kenneth Brody <kenbrody at spamcop.net> wrote:
>>> Kenneth Brody wrote:
>>>> Okay, what are my moral obligations to someone I think has been a
>>>> victim of a phishing scam?
>>> [...]
>>>> a reverse phone number lookup give the same name and city as in
>>>> the phisher's .txt file. The SSN and credit card info loog like
>>>> they may be valid.
>>> [...]
>>>
>>> I decided "screw it", and called the phone number and left a message
>>> about the scam.
>> I think ya done right.
>
> I also sent an e-mail to the dozen or so people who had entered
> legitimate-looking e-mail addresses and passwords. Then I
> decided that I could probably spend my entire day sending out
> such e-mails, so I instead sent the URL of the file to
> spoof\at/paypal/dot\com along with an explanation of what it
> was.
>
> Fortunately, only one person (so far) actually entered the personal
> into onto the second page. Unfortunately, 35 people (so far) have
> filled in the login and password with apparently-legitimate data.
>
> None of the dozen or so e-mails I sent bounced, so I have to assume
> that they were valid.
>
More information about the SCspamcop
mailing list