InBoxRevenge KS Forum

Here's my "phishing" contacts.

<[email protected]>, <[email protected]>, <[email protected]>, "antiphishing dot org" <[email protected]>

Phishtank is largely "report only" - as in they don't persue any of it, but they do make the data available to companies who are victims (PayPal, ebay, the banks, etc...). AFAIK, you have to be a member for that address to accept your submissions.

I'm thinking US-CERT must participate in take-downs ;) Since a lot of these tend to use hijacked hosting or hacked webservers.....

coldrainnet/knujon - afaik uses their data for "brand protection" - and also distributes the phish submissions to the responsible parties (the trademark owners; i.e. the banks/paypal/ebay)

While much of the phishing spam I've had recently has used URL redirection from the actual spammed address as basic obfuscation (and been shut down in six hours or so) some of the ones I've had recently have been in the format of - httq://83-103-85-109.ip.fastwebnet.it/u ... sbc.co.uk/ . Is the base address (fastwebnet.it) redirecting to an IP address (83.103.85.109) or is it something more complicated. Whatever it is it seems more of a challenge to report as in this format they seem able to stay up for most of a week.

I've gotten decent responses using the SpamCop contacts available for phish domains.

But sadly, there are some hosters that will not accept SC reports _at all_......then it's back to the basics of sending them the message through the good old mail client :)

ahoier wrote: This is unfortunate, I don't use Spamcop enough to know that certain hosters reject reports. That is rather telling to me.