Dont Complain

So I bought a copy of Novembers issue of PC World magazine today for something to read and well I came upon this article that I found odd I guess Phishers don’t like it when people complain about what they do I have to type in the article because theres no link in it to a page on their website but ill let you guys decide as to what you think of it.

Phishing Botnet Goes After Those Who Complain

“Users who get wise to phihing attacks and then talk back to the bad guys are being targeted with exploits designed to hijack their computers, a security researcher says.
In a new twist, phishers using the Asprox botnet are striking victims who recognize the scam and use its fake login screen to give the crooks a piece of their mind. The scammers fire off a multipronged assault from a common attack kit against anyone who uses profanity in place of a user name or password, says Joe Stewart, director of malware research at SecureWorks.
Botnets consist of a group of PC’s infected by the same type of bot malware. A single bad actor can control a botnet remotely. Stewart estimates that the Asprox botnet encompasses at least 50,000 infected computers.
“The phishers are looking for [any of] three things,” says Stewart, who regularly researches botnets. “First, if you don’t fill out the form completely; second, if you use the term ‘phish.’ And third, if you use bad language.”
Although users who talk back side-step the initial identity-theft attempt, they may be at risk from the second attack, which launches through a recent version of Neosploit, a well-known attack kit that hackers often employ.
Users who have not kept Windows up-to-date or applied patches for popular browser plug-ins (such as QuickTime and Flash) are vulnerable to the Neosploit attacks, Stewart says.
Many people are inclined to blast back at phishers in the log-in screens, Stewart says. He nots that when SecureWorks locates a phisher’s data cache in the course of its security research, it frequently includes a “fair amount” of profanity and other uncomplimentary remarks. “People think, 'While I’m at it, I might as well take some retaliatory action,” says Stewart. “I can’t recall seeing an attack quite like this before,” he adds.
-Gregg Keizer”

I dont know if I believe it or not but if it is true well then I can say one thing about fishers their sure a bunch of Pansies who complain as well :slight_smile:

If you know it is a phishing attempt and I see many in the Spam that gets deleted by MailWasher Pro, gets treated in exactly the same way as spam. Delete it and never respond to spam it is a futile waste of time and energy to do anything else and the same is true of phishing attempts.

I most certainly don’t understand the mentality of people who visit a known phishing URL as for sure it isn’t just your identity they are after. Most would have a multi pronged approach not just a single attack planed, when you visit such sites unless you are stealthed (going through an anonymous proxy, etc.) your IP address is divulged which allows them to attempt an exploit of your system.

Im with you on that DavidR I just posted it up to see what people think about it. To me its kind of like their asking for it if you decide to curse the Phishers out


You are asking for it by just going to their sites.

(not you personally, Justin) :wink: