So I've recieved (what I suspect) is a phishing message thrice today from the same person. Normally I'd just report and move on; but something's really fishy here:
date: Fri, Jan 21, 2011 at 2:31 AM
subject: Please Respond: Contact Me Via Email at mabery@rogers.com
mailed-by:winthrop.edu
SNIP
Remain Blessed,
Mrs. Mary Abery
Normally, spammers dont use edu e-mail addresses, so naturally I figured I'd google it. Turns out marloweb@winthrop.edu is in fact Dean of Student Affairs at this no-name college. I can only assume that her account must have somehow been hijacked by this spammer (mabery@rogers.com).
Here's my dilemna: If I e-mail her to let her know, then is there a risk to me? My philosophy is to never respond in any way to phishing attempts as it marks you as a target. But this is just plain good-samaritanism methinks. Also, would the header be of any use in figuring out whether this e-mail really did originate from marloweb?
There is no surer aphrodisiac to a man than a woman who is interested in him.
It could be dangerous to you, but the alternative is right in front of you: there's a telephone number on that page you found when you googled. You could give Ms. Marlowe a call and let her know that her email has been hijacked for phishing attempts.
She should be able to sick the college's IT department on the problem.
CaptainChewbacca wrote:Dude...
Way to overwork a metaphor Shadow. I feel really creeped out now.
I am an artist, metaphorical mind-fucks are my medium.
Bounty wrote:Set up a dummy Yahoo account and mail her from there? Or contact the school directly through their homepage? This isn't exactly rocket surgery.
Is "rocket surgery" the act of performing surgery on a rocket, or performing surgery (on people) with rockets?
One sounds fun, the other sounds goddamned metal.
CaptainChewbacca wrote:Dude...
Way to overwork a metaphor Shadow. I feel really creeped out now.
I am an artist, metaphorical mind-fucks are my medium.
Wrong on both counts. It's performing surgery while both individuals are attached to a rocket. Incidentally, this was the actual cause for the Soviet Union's collapse.
Realistically, OP, if you reply to a phishing message, you can expect to get crapflooded with spam. Calling the person's phone or, as said, setting up a dummy e-mail gets around that problem, assuming said dean still has access to their mail.
I wouldn't waste my time on it. Email tricks using headers are a dime a dozen, and if this guy's email is on search engines then there really isn't much anyone can do. The only email spam that's ever really given me pause was someone using a Swedish police department's address to spam me with.
"It's you Americans. There's something about nipples you hate. If this were Germany, we'd be romping around naked on the stage here."
If you click on the arrow to the right and select 'show original' you should see the actual headers of the e-mail including which server it was received from. winthrop.edu does publish an spf record, which Google will flag though not negatively since it's ?all.
Give fire to a man, and he will be warm for a day.
Set him on fire, and he will be warm for life.
