The Mudcat Café TM
Thread #104138   Message #2128726
Posted By: JohnInKansas
18-Aug-07 - 03:14 PM
Thread Name: BS: UK: Where to send phishing emails
Subject: RE: BS: UK: Where to send phishing emails
In addition to the question of "to whom" there's apparently a question of "how" to send a phishing report.

I had a recent need to contact MSN Tech Support on a subject unrelated to phishing and other junk mail, but in the process of my mostly unproductive consultation the Tech Rep specifically requested that I forward a particular email to MSN's "abuse site." The message appeared to have come from MSN/Hotmail, and the Rep indicated that it appeared to be a phony.

I dutifully did a "forward" to the address given, and received a reply demanding that all such submittals should be sent as an attachment. The message also said that only "paid accounts" may submit such stuff. I had sent from my Hotmail account, which is a paid for adjunct account based on our MSN ISP account but which is something they never seem able to determine without our explaning it once more.

The reply provided a link to "instructions on how to submit" that was a dead link. I got "404 Site not found" on two attempts an hour apart, but later (on two attempts) got a fully downloaded blank screen.

The reply to my first email also provided a second link to "instructions on how to submit." This site was nothing but advertising BULLSHIT about the "new MSN Live!!" and "new Hotmail Live!!" email service (the subject of my original call to Tech Support). I followed ALL LINKS on this page and found no indication that you CAN SUBMIT anything to them.

Punting and applying a bit of imagination, I saved the subject email as a separate file and attached it to a new email, citing the request by MSN Tech Support, my CHARTER MSN ISP AND EMAIL account, and sent it off. I also included a comment or two on their previous response.

I got a new (2d) reply from them saying that they were "unable to receive my attachments." They provided additional unintelligible "instructions" and suggested that "as soon as you send the information** you can delete the email." (I think that's a hint?)

** Unspecified what information(?)

I have just sent a complete plain text reply, with all citations, with as much text as I could extract from the questionable email (it was mostly one big graphic), with all URLs visibly linked from the email message, full Header information, and complete plain text "Sender Information" as reported by my email program.

I await their next pleasant reply.

I was informed, incidentally, that MSN does not investigate or accept reports on SPAM. They are only interested in "phishing" or "threats," and in both cases they indicate that they "will take no legal action" and you must "immediately report the offense to your local police."

Hotmail, of course, doesn't accept any correspondence from users. "If your email doesn't work, send us an email." ("But only email us if your email doesn't work.")

My suggestion would be to ask your local police if they have an "Internet Crimes" unit. If not, go to your local, regional, state, or national "Attorney General" with the same question. A governmental "Consumer Protection" office might also be of some help, although it depends on where you are and how up to date your government is.

Your ISP may be better equipped for rational responses than MSN, so a check of their website (assuming they have one) offers a remote possibility of finding some suggestions.

John