Nearly 40% of consumers lost money to phone scams in 2020

Businesses and consumers are relying on the voice call more than ever during the pandemic with voice traffic up 184% in 2020 compared to 2019, according to a Hiya report. However, this increase in voice calls is being exploited by scammers …

How to send emails with Thunderbird without revealing my internal and external IP address?

I have noticed this issue while using Google’s Gmail with Thunderbird. When I send an email from Gmail’s web front end at https://mail.google.com/ my internal and external IP addresses are not included in the email header.
However, I would l…

[SANS ISC] Another File Extension to Block in your MTA: .jnlp

I published the following diary on isc.sans.edu: “Another File Extension to Block in your MTA: .jnlp”: When hunting, one thing that I like to learn is how attackers can be imaginative at deploying new techniques. I spotted some emails that had suspicious attachments based on the ‘.jnlp’ extension. I’m pretty sure

The post [SANS ISC] Another File Extension to Block in your MTA: .jnlp appeared first on /dev/random.


How to determine if a PC is safe after receiving a suspicious email message

I was checking my Gmail account spam folder and I noticed an email sent by a known sender.
I thought it was flagged as spam by mistake so I opened it. Then I realized the content is the same as another email I sent the same person about a …

How can I test if/how STIR/SHAKEN is working on my incoming calls? Both for detecting spoofed caller ID AND [bad sources]

How can I test if/how STIR/SHAKEN is working on my incoming calls? Both for detecting spoofed caller ID AND calls from disreputable (NON-‘A’ attestation) service providers/carriers/sources.

I’m looking for something vaguely like https://www.internetbadguys.com/ , https://dnsleak.com , OpenDNS/Cisco Umbrella list … 1-800-MY-ANI-IS (which, sadly, no longer works and is now a sleazy marketer), …

I’m getting a ton of harassing, spoofed phone calls, and the bulk of them appear to be criminal enterprises discussed in this FCC filing. My phone #s are all already on do not call lists, such as https://www.donotcall.gov/. I’m already using a HiYa-based anti spam call app.

Relevant/research so far:

“Overseeing STIR/SHAKEN implementation is the Secure Telephone
Identity Governance Authority (STI-GA), a governing body comprising
service providers representing every segment of the industry, as well
as an administrator, and a technical committee. This board sets up the
Policy Administrators (PAs) that authorize service providers’ ability
to get a token and approve certificates to make sure calls can be
authenticated and exchanged with other carriers.

To date, fifty-five service providers have registered with the STI-PA
to be able to sign their calls with STIR/SHAKEN authentication.

Approximately 15 [major] carriers publicly announced they’re deploying STIR/SHAKEN in parts of their network [=] 70% of all active phone numbers in the U.S.

Neustar [provides] the ATIS Robocalling Testbed.

ATIS serves as the industry interoperability test facility to validate the effectiveness of caller authentication standards developed by the Internet Engineering Task Force (IETF) and ATIS.

“STIR/SHAKEN will only confirm that a call is not spoofed,” said Linda

(I think this is false/misleading.)

Specifically, the working group recommended monitoring subscriber traffic patterns to identify behaviors consistent with illegal robocalling and take action when illegal robocalling campaigns are identified.

[E]nterprises can let [sic] consumers which calls to trust

provid[e] more context and identif[y] details on legitimate phone calls, along with a check mark that shows the call has been authenticated

I feel I’m getting far MORE spoofed and spam phone calls since STIR/SHAKEN has gone into effect. This year, the number of spam SMS has gone from none for months to multiple per week.

