[Scspamcop] Re: Moral obligation to phishing victim?

Kenneth Brody kenbrody at spamcop.net
Thu Apr 5 17:40:14 EDT 2007 

Scott Grayban wrote:
> 
> I would also forward the info to the PayPal security team as well.

Is that a different address than spoof-at?

> Include the URL you got the info from.

Already did.  (Strip the filename off the URL and you get a directory
listing.)

[...]
> >>>> Okay, what are my moral obligations to someone I think has been a
> >>>> victim of a phishing scam?
> >>> [...]
> >>>> a reverse phone number lookup give the same name and city as in
> >>>> the phisher's .txt file.  The SSN and credit card info loog like
> >>>> they may be valid.
> >>> [...]
> >>>
> >>> I decided "screw it", and called the phone number and left a message
> >>> about the scam.
> >> I think ya done right.
[...]

I got a call from the victim's husband, starting with "I got a very
strange message on my voicemail".  (I included my phone number in
the message I left, as part of a "I'm a real person" aspect of the
message.)  I read him parts of the info that was in the file (street
address, mother's maiden name, credit card bank name), and told him
the city and ISP of the IP that posted it (he said that would be his
wife's work location).  I didn't want to give him the URL of the file,
as it includes personal info from other victims.  I told him that I
had given the URL to PayPal.

While it should be (relatively) easy to straighten out the PayPal
situation, and cancel the credit card that she gave, the fact that
her street address, social security number, date of birth, and
mother's maiden name will be a major problem.


I just re-checked the data capture file, and see that someone from
rDNS tacoma.internetidentity.com submitted (false) info into the
form.  Their website says they are "expert phishing and response".
Has anyone here heard of them?  I don't like this line from their
website -- "Kill phishing sites for only $400 per site".

-- 
+-------------------------+--------------------+-----------------------+
| Kenneth J. Brody        | www.hvcomputer.com | #include              |
| kenbrody/at\spamcop.net | www.fptech.com     |    <std_disclaimer.h> |
+-------------------------+--------------------+-----------------------+
Don't e-mail me at: <mailto:ThisIsASpamTrap at gmail.com>

More information about the SCspamcop mailing list