Questions tagged [phishing]
38 questions
44
votes
6 answers
Phishing site uses subdomain that I never registered
I recently received the following message from Google Webmaster Tools:
Dear site owner or webmaster of http://gotgenes.com/,
[...]
Below are one or more example URLs on your site which may be part of a
phishing…
gotgenes
- 543
- 4
- 6
13
votes
4 answers
Suspected server or data vulnerability and reporting a fraud site
Two days ago someone created a website that has the exact same domain of the company I work for, but missing one letter, and sent a mail campaign to many people that there is a promotion on the website, when you go to the website you (as…
mpcabd
- 233
- 1
- 7
8
votes
1 answer
Why is fail2ban finding but not banning
I noticed something strange on my Ubuntu Xenial server.
It has SSH on the default port and it has fail2ban.
Fail2ban is detecting brute force attempts on the server and are logged accordingly:
2017-01-12 10:58:19,927 fail2ban.filter [23119]:…
Waleed Hamra
- 731
- 6
- 16
6
votes
6 answers
Are Extended Validation SSL certificates effective?
Every time an SSL cert comes up for renewal, my provider tries to sell me an Extended Validation certificate. The big difference is the green address bar in FireFox and Safari for quadruple or quintuple the cost.
Supposedly, the benefit (and reason…
sh-beta
- 6,756
- 7
- 46
- 65
4
votes
1 answer
SPF - Will softfail get inherited when included?
If I add the SPF-policy v=spf1 include:_spf.google.com -all to my domain, will the -all have some effect or will the ~all from _spf.google.com get "inherited" to my domain?
user82444
4
votes
5 answers
Securing Internet and E-mail in small corporate environment
Our company is having a real problem with spam, phishing, and sophisticated viruses (ones that are brand new at time of first download, and not recognized by any virus scanners for at least a few hours after being downloaded, sometimes days). We…
Beep beep
- 1,843
- 2
- 18
- 33
3
votes
2 answers
Report phishing websites
Is there a central place to report domains that have made phishing attempts against my users? I usually make a report to the host of the domain (GoDaddy, generally) but I was wondering if there is a more effective place to send a report?
Richard
- 133
- 3
3
votes
1 answer
Spamassasin regex body and header check not working
We are trying to mark phishing mails with a simple rule in Spamassasin as spam.
But unfortunately we are unable to get a working check out of it.
Basically what we are trying to achieve is that if the sender of the Mail is not from our domain…
Daywalker
- 485
- 5
- 25
3
votes
3 answers
Reported Attack Page : how to resolve this problem
My site bccfalna.com is working normal before 2 days but now its not open in firefox/chrome and other browser and come below error message
Reported Attack Page!
This web page at www.bccfalna.com has been reported as an attack page and has been…
tanujdave
- 33
- 1
- 4
3
votes
1 answer
How is this email passing DMARC?
Today we received a spoofed email: it was sent to us "from us". (Assume we own foo.com -- real domain redacted.)
This is disturbing, as it shows as "from foo.com", yet the sender is definitely not from "foo.com".
The mailbox "hello@foo.com" is a…
Lawrence Wagerfield
- 47
- 8
3
votes
1 answer
Display full FROM email address in Outlook
I'm trying to do phishing mitigation in the Outlook desktop app, and I've seen a number of cases where the display name is so long that the email address gets truncated, e.g.
From: Microsoft email account activity notifications…
Barton Chittenden
- 310
- 2
- 8
2
votes
3 answers
Can anyone purchase a SSL certificate?If so what is it's significance in identifying phishing?
I have read a lot that a phishing site will not be having an SSL certificate installed.As far as I know, anybody can purchase an SSL certificate and install it in their website, irrespective of the site being genuine or fraud. In this scenario, what…
user7282
- 121
- 3
2
votes
3 answers
Block people searching for server admin pages
Occasionally I flip through our (apache) access log and I often come across people trying to fish for admin pages. For example, they are trying to access pages like:
/wp-login.php
/administrator/index.php
/admin.php
/user
None of these…
Hubbo
- 23
- 3
2
votes
3 answers
Avoiding viruses 101
I'm looking to send out an email to my users to give them advice on avoiding getting viruses and phishing emails.
I've found http://www.sonicwall.com/furl/phishing/ which is a bit dated and is primarily for phishing but still applies a bit for…
PHLiGHT
- 1,041
- 10
- 25
2
votes
5 answers
Virus sending phishing emails through exchange server
It appears that there is a virus on my network somewhere that is sending phishing emails through my exchange server. I can see the messages in message tracking and I see many SMTP errors for NDR's and rejected connections from external servers, but…
therulebookman
- 340
- 2
- 4
- 9