Phishing e-mail & Yahoo Mail

[kaneohe]

Yesterday I attempted to forward a phishing e-mail to Schwab.
The phishing message was supposedly from Schwab but most likely
was not. Yahoo mail supposedly blocked the mail from being sent normally
and asked me complete an anti-spam test.......they show a bunch
of random characters and ask you to tell them what they are. I
wasn't sure if that was legit so I didn't complete it.

Today I tried to send another unrelated "innocent" message and the
same thing came up again. Is this really Yahoo mail doing it or is
the phisher getting revenge?

 

[Rustward]

Don't really know for sure, but I believe the phishers would rather focus their efforts of finding other victims who would perhaps be more cooperative than trying to get revenge. Their response rate might require them to send lots of emails to get a useful reply.

 

[kaneohe]

What I meant was can the phishing message be programmed so it causes trouble if you try to forward it?

 

[Nodak]

Yesterday I attempted to forward a phishing e-mail to Schwab.
The phishing message was supposedly from Schwab but most likely
was not. Yahoo mail supposedly blocked the mail from being sent normally
and asked me complete an anti-spam test.......they show a bunch
of random characters and ask you to tell them what they are. I
wasn't sure if that was legit so I didn't complete it.

Today I tried to send another unrelated "innocent" message and the
same thing came up again. Is this really Yahoo mail doing it or is
the phisher getting revenge?

The random characters thing is legit. It's used to make sure they are dealing with a human being and not a spam bot.

 

[Alan]

The random characters thing is legit. It's used to make sure they are dealing with a human being and not a spam bot.

I agree. No harm in typing in the random charcters which are designed to fool spam bots and need a human eye to decipher.

 

[donheff]

It does sound like Yahoo saw something in the messages you were forwarding that appeared to be spam so their bots took step to make sure you were not a bot

 

[chinaco]

They probably send a number of different emails to the targeted victim... figuring some people just delete certain mail without clicking the link!!! hoping they will eventually fall for it.

 

[kaneohe]

Thanks all for the replies. Ok, I can understand, intercepting that message and testing me, but.........
1) the phishing message went originally to DW; she forwarded it to me w/o incident; but then only went I tried to forward it again to Schwab did that random letter test come up.
2) as I mentioned, today I sent an "innocent" e-mail that I generated myself.....
I was going to say plain text .....but I just remembered , there was an attachment to a US Treasury pdf form........and got that same random letter test. Am I branded w/ the scarlet letter forever or did it not like the attachment? and why 1)?

 

[M Paquette]

Thanks all for the replies. Ok, I can understand, intercepting that message and testing me, but.........
1) the phishing message went originally to DW; she forwarded it to me w/o incident; but then only went I tried to forward it again to Schwab did that random letter test come up.

Pieces of 'bad' mail are generally detected by checking against a number of rules for spotting unusual content, as well as being tested against a database of 'known spam'.

Possibly between your DW forwarding the mail to you and you forwarding it to schwab, the rules were updated, or that mail was added to the 'known spam' database.

2) as I mentioned, today I sent an "innocent" e-mail that I generated myself.....
I was going to say plain text .....but I just remembered , there was an attachment to a US Treasury pdf form........and got that same random letter test. Am I branded w/ the scarlet letter forever or did it not like the attachment? and why 1)?

The attachment probably triggered a rule. It's possible your account is flagged, as I've seen some mail systems do that as a response to unusual activity (reply-all to a large mailing list, for example), but the flag usually is cleared automatically after a few days.

 

[kumquat]

What I meant was can the phishing message be programmed so it causes trouble if you try to forward it?

It's been 4 years since I retired and things may have changed, but I don't believe there is any "programming" possible in an email. That doesn't mean the server (Yahoo) doesn't react to content but the message itself cannot "do" anything dangerous.

 

[GregLee]

Pieces of 'bad' mail are generally detected by checking against a number of rules for spotting unusual content, as well as being tested against a database of 'known spam'.

To elaborate, over 6 years ago, I installed a free program "SpamAssassin" on two Unix systems I used to administer, to detect spam. It's automated, and I just checked, out of curiosity, to find that it's still perking along unattended, a year after I retired. No one at work, I'm sure, has the slightest idea that it's there, still doing it's stuff. Well, anyhow, it interfaces with a programming system "Vipul's Razor", Vipul's Razor: home described this way:

Vipul's Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures.

Of course, it's not foolproof, so it's possible to get caught inadvertently in the coils of such automatic systems that try to keep the net usable for us all. There are procedures and people you can get in touch with if you get put on a spammer list, but I'd have to do research to find out what they are.

I love the way computer systems are eternal, seldom needing health care, just always doing their job with no direction.

 

[donheff]

To elaborate, over 6 years ago, I installed a free program "SpamAssassin" on two Unix systems I used to administer, to detect spam. It's automated, and I just checked, out of curiosity, to find that it's still perking along unattended, a year after I retired. No one at work, I'm sure, has the slightest idea that it's there, still doing it's stuff.

I suspect there are a lot of daemons ticking away like that waiting to go wrong and ruin the day for some unsuspecting tech who can't figure out what went wrong.