Questions tagged [phishing]

38 questions
44
votes
6 answers

Phishing site uses subdomain that I never registered

I recently received the following message from Google Webmaster Tools: Dear site owner or webmaster of http://gotgenes.com/, [...] Below are one or more example URLs on your site which may be part of a phishing…
gotgenes
  • 543
  • 4
  • 6
13
votes
4 answers

Suspected server or data vulnerability and reporting a fraud site

Two days ago someone created a website that has the exact same domain of the company I work for, but missing one letter, and sent a mail campaign to many people that there is a promotion on the website, when you go to the website you (as…
mpcabd
  • 233
  • 1
  • 7
8
votes
1 answer

Why is fail2ban finding but not banning

I noticed something strange on my Ubuntu Xenial server. It has SSH on the default port and it has fail2ban. Fail2ban is detecting brute force attempts on the server and are logged accordingly: 2017-01-12 10:58:19,927 fail2ban.filter [23119]:…
Waleed Hamra
  • 731
  • 6
  • 16
6
votes
6 answers

Are Extended Validation SSL certificates effective?

Every time an SSL cert comes up for renewal, my provider tries to sell me an Extended Validation certificate. The big difference is the green address bar in FireFox and Safari for quadruple or quintuple the cost. Supposedly, the benefit (and reason…
sh-beta
  • 6,756
  • 7
  • 46
  • 65
4
votes
1 answer

SPF - Will softfail get inherited when included?

If I add the SPF-policy v=spf1 include:_spf.google.com -all to my domain, will the -all have some effect or will the ~all from _spf.google.com get "inherited" to my domain?
user82444
4
votes
5 answers

Securing Internet and E-mail in small corporate environment

Our company is having a real problem with spam, phishing, and sophisticated viruses (ones that are brand new at time of first download, and not recognized by any virus scanners for at least a few hours after being downloaded, sometimes days). We…
Beep beep
  • 1,843
  • 2
  • 18
  • 33
3
votes
2 answers

Report phishing websites

Is there a central place to report domains that have made phishing attempts against my users? I usually make a report to the host of the domain (GoDaddy, generally) but I was wondering if there is a more effective place to send a report?
Richard
  • 133
  • 3
3
votes
1 answer

Spamassasin regex body and header check not working

We are trying to mark phishing mails with a simple rule in Spamassasin as spam. But unfortunately we are unable to get a working check out of it. Basically what we are trying to achieve is that if the sender of the Mail is not from our domain…
Daywalker
  • 485
  • 5
  • 25
3
votes
3 answers

Reported Attack Page : how to resolve this problem

My site bccfalna.com is working normal before 2 days but now its not open in firefox/chrome and other browser and come below error message Reported Attack Page! This web page at www.bccfalna.com has been reported as an attack page and has been…
tanujdave
  • 33
  • 1
  • 4
3
votes
1 answer

How is this email passing DMARC?

Today we received a spoofed email: it was sent to us "from us". (Assume we own foo.com -- real domain redacted.) This is disturbing, as it shows as "from foo.com", yet the sender is definitely not from "foo.com". The mailbox "hello@foo.com" is a…
3
votes
1 answer

Display full FROM email address in Outlook

I'm trying to do phishing mitigation in the Outlook desktop app, and I've seen a number of cases where the display name is so long that the email address gets truncated, e.g. From: Microsoft email account activity notifications…
2
votes
3 answers

Can anyone purchase a SSL certificate?If so what is it's significance in identifying phishing?

I have read a lot that a phishing site will not be having an SSL certificate installed.As far as I know, anybody can purchase an SSL certificate and install it in their website, irrespective of the site being genuine or fraud. In this scenario, what…
user7282
  • 121
  • 3
2
votes
3 answers

Block people searching for server admin pages

Occasionally I flip through our (apache) access log and I often come across people trying to fish for admin pages. For example, they are trying to access pages like: /wp-login.php /administrator/index.php /admin.php /user None of these…
Hubbo
  • 23
  • 3
2
votes
3 answers

Avoiding viruses 101

I'm looking to send out an email to my users to give them advice on avoiding getting viruses and phishing emails. I've found http://www.sonicwall.com/furl/phishing/ which is a bit dated and is primarily for phishing but still applies a bit for…
PHLiGHT
  • 1,041
  • 10
  • 25
2
votes
5 answers

Virus sending phishing emails through exchange server

It appears that there is a virus on my network somewhere that is sending phishing emails through my exchange server. I can see the messages in message tracking and I see many SMTP errors for NDR's and rejected connections from external servers, but…
therulebookman
  • 340
  • 2
  • 4
  • 9
1
2 3