Jump to content

Phishing Spam Blocking - SpamCop Issue


Lode
 Share

Recommended Posts

Hi!

 

For some years I've been reporting spam to SpamCop. After forwarding the spam to SpamCop you get a reply email from them asking for a confirmation that it is indeed spam. In this confirmation request there is link leading to the spam reporting page of their website, and after logging in you confirm that the forwarded email to them is indeed spam. Then they'll let the spammer's ISP know about it.

 

Because SpamCop needs the headers of the emails to find out where the spam originated, and my Opera browser integratd mail client doesn't show those headers, I use MailWasher (free version which is good for maximum 1 email account, which is all I use anyway) because it has the option to report spam to SpamCop with the headers.

 

These last few days I got some PayPal and Apple account phishing spam, but for the first time some popups from EAM appeared with the message that those were phising emails (I don't remember the exact words) and that they were being blocked. It looks like a new EAM feature, which is excellent.

 

I always receive all my email in MailWasher first, and then go to my Opera mail client to receive what I did not send to SpamCop in MailWasher.

So the EAM popups with the "blocked phishing" messages appeared when MailWasher received those phishing spams.

The thing is that since that happened I don't get the usual confirmation request from SpamCop anymore, even thought the spam still appears in MailWasher after those EAM popups, and I do the usual thing to forward the spam to SpamCop. But I suppose EAM has already blocked them, so they are "dead" so to speak.

 

I wonder if this no replies from SpamCop issue is indeed due to EAM blocking the phishing spam, and if so, how to disable that otherwise excellent feature, so I can continue to report phishing spam to SpamCop.

Link to comment
Share on other sites

Hello,

 

it looks like the Emsisoft Anti-Malware Surf protection blocks this phishing hosts.

 

You can disable the Surf protection in Emsisoft Anti-Malware on the section Protection subsection Surf Protection to get the phishing host informations to your MailWasher software.

 

Or you can create a Process whitelist entry for the MailWasher executable in Emsisoft Anti-Malware section Protection subsection File Guard button Manage whitelist.

 

If you have any mor question please contact us again.

Link to comment
Share on other sites

Thank you for your help.

 

Although I always surf and run my email sandboxed (Sandboxie) by default, I would still prefer to have Surf protection set in Alert mode. So I chose the second option. 

 

Not sure how this is going to work, but MailWasher comes in a file called "Firetrust", and when I open that a long list of items appears, like applications and application extensions, 1 Config file, and 1 Text Document. They all seem part of Mailwasher. 

 

Thinking that this might cover all of it I entered this in Manage whitelist: C:\Program Files (x86) Firetrust and disabled Scanner, File Guard, and Behavior Blocker for that file.

 

I hope that will work so I can report phising spam to SpamCop.

 

But since phishing is always supposedly from well known companies like PayPal for example, but easy to recognize as phishing, it is always possible to forward them to the real company with the special email address they have for reporting it. I suppose they'll handle the rest. (On the SpamCop forum I suggested that maybe those companies use SpamCop too... :).)

 

I can do that even after Emsisoft Anti-Malware has made the popup appear I noticed. At least that was what happened, maybe due to my settings. 

Link to comment
Share on other sites

Only today did I get a phishing spam again (Apple account phishing) and again reporting it to SpamCop using MailWasher did not work. I did not get a warning or block popup from EAM anymore.

 

As for adding MailWasher to the whitelist, I had done that -I thought- by adding "C:\Program Files (x86) Firetrust" (no quotation marks) to it. But I just saw that the 3 check boxes next to it for Scanner, File Guard, and Behavior Blocker were not checked. I just checked them. 

 

Now it's waiting for the next phishing spam and try again.  :)

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...