[X4U] re recent thread on paypal phishing emails
John Baltutis
baltwo at san.rr.com
Wed Mar 18 12:43:40 PDT 2009
On 3/18/09, Ed Gould <edgould1948 at comcast.net> wrote:
> On Mar 18, 2009, at 12:09 AM, Linda wrote:
>> On 3/17/09 11:42 PM, Ed Gould wrote:
>>
>>> Victims, perhaps on one level but in the scheme of things I would
>>> trust credit cards over paypal any day.
>>
>> That's your opinion, and that's fine, of course. But others of us have
>> different opinions, and the other folks are right when they say that if you
>> don't forward the phishing messages back to the abuse/spoof
>> department of *whatever* organization it is, it's impossible to stop
>>phishermen.
>
> Here is an example and then you tell me.
> I got an phishing email, so I thought I would report it.
> I went to the banks web site and I looked and looked and looked and
> could not find any contact information.
> The only way I could contact them was *IF* I had an account.
> Now you tell me who should I contact in those circumstances?
> I know some places do have contact info but (a lot of) other do not.
> Another example this is closer to home. I decided to report a
> phishing incident to PAYPAL and yes I finely found the reporting
> email address but it did take me 15 minutes of digging.
> If companies *REALLY* want them reported then they should not bury
> the report address, no?
>
> Some companies are clueless and should they be rewarded because of
> their less than lets say competence in the world of the Internet?
Here's a counterexample. I note that Wells Fargo bank is a favorite phishing
target. So, I entered <http://www.wellsfargo.com/> into my browser, was
redirected to <https://www.wellsfargo.com/>, and at the page's bottom is a link
to "Report Email Fraud." I suspect that's true for most banks. And, no, I don't
have an account with Wells Fargo Bank.
More information about the X4U
mailing list