Autor: W B Hacker Datum: To: exim users Betreff: Re: [exim] Anti Phishing ACL
Ian Eiloart wrote: > *snip*
>> The ONLY email they send is either advertising/promotional, OR a
>> 'heads-up' for you to log-in and view a waiting message on THEIR system.
>>
>> It is the second one that the 'Phishermen' try to emulate.
>
> And, that's the class of spam that this is attempting to deal with.
>
>> But anyone who clicks on a URI in a message - even the most valid of
>> them - is making a serious mistake.
>
> Yes, but people do. Phone someone now, and ask them for the credentials
> to log in to their bank. 99% will give you the details, according to a
> call bank centre manager that I spoke to.
>
ACK. One of our C&W retirees in the UK recently got a phone call
purporting to be from Micros**t, asking him to enable remote access so
they could fix the problem on his PC....
Fat chance... But one theory bandied about is that of trained but
disgruntled or former call-centre staff with lists of client contact
info and the will to 'mine' it...
BTW - that '99%' the Wank Mangler mentioned probably don't have anything
worth stealing in their bank (we are talking the UK and recent days, are
we not?).
BTW - there must be thousands of UID:PWD compromises, perhaps tens of
thousands - for each one that results in a loss.
Unless the *perps* are as foolish as the WinLusers they keylogged, or
bought info on - they are only going to risk exposure for serious money,
and probably hit many targets at the same narrow time window before
submerging again.
Who knows how much of THAT might yet be lying in wait for what they view
as the opportune time to strike?
Or was executed during the high-traffic days of the current tsunami.