emwul64

Phishing mails - is there some central database of some sort?

Recommended Posts

Just curious to know:
How are details with regards to all the phishing mails recorded?
Up front: I might be wrong, but one way or the other my impression is that information is a bit 'scattered', meaning to say, it is not centrally recorded(?)
After receiving a suspicious mail, one should search on Internet to get a confirmation.

As for spam, I believe information is being stored in blocklists from dedicated servers such as Spamhouse, Spamcop and the like.
Maybe recording that kind of information is easier, compared to phishing mails, I don't know.
Phishing mails exist in many languages.

Background: even though I use Emsisoft and Mailwasher and even though my ISP is actively filtering on spam, I received a phishing mail (admittedly, only 1)
and 2 threat mails over the last 2-3 weeks and I had to check Internet to find confirmations.

 

Share this post


Link to post
Share on other sites

@emwul64 Why would you search the internet to 'confirm' that a dubious email is an attempt at phishing?  What does finding a record of such a thing prove?  What does not finding a previous identical instance prove? 

Share this post


Link to post
Share on other sites

@Frank H

regretfully the ones I received bypassed that module then.

@jeremynicoll
Well, seems to me that in case of doubt, one would like to be certain. At least, I do. 
Specifically in those cases where mails look pretty much like 'real' ones (i.e. non phishing mails from a bank).

Share this post


Link to post
Share on other sites

Why would there be doubt?  Banks, tax authorities etc NEVER send emails asking you to click on a link to provide them with more information.

Even if you do think some organisation genuinely wants you to provide info, ignore the email.  If you absolutely must check, use your normal method of logging in to their website and look for a status update or message about whatever it is, there.   Or ring them, using the number you already know is them.   Better still, don't bother.   Wait until they write you a letter.  And even then, don't volunteer information unless you are certain it's the real deal.

In my case I have my own internet domain name, that is my email addresses are all @somethingofmine.org.uk.   I give different lefthand parts to different organisations, so eg the email address my bank uses for me is different from the email address emsisoft use, whch is different from ... I'm sure you get the idea.   If a 'bank' email comes to the address I use for emsisoft, I know without looking at it that it is iffy.   I'd also then change the address I use for emsisoft.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.