Go Back   Tech Support Forum > Networking Forum > Security and Firewalls

How to stop email spoofers/phishing scams

This is a discussion on How to stop email spoofers/phishing scams within the Security and Firewalls forums, part of the Tech Support Forum category. I made the mistake of using my email address on a game forum and have since started receiving regular phishing


Reply
 
Thread Tools Search this Thread
Old 07-07-2011, 12:53 PM   #1
Registered Member
 
Join Date: Jun 2010
Posts: 86
OS: Windows 7 Home Premium (SP1)



I made the mistake of using my email address on a game forum and have since started receiving regular phishing scams using a spoofed from address.

I can't block the sender because it ends up blocking the legitimate emails as well as the spoofed ones.

How can I stop these emails or find a way to see the real from address?

__________________
eagledude4 is offline   Reply With Quote
Old 07-07-2011, 01:24 PM   #2
Registered Member
 
Join Date: Jun 2010
Posts: 86
OS: Windows 7 Home Premium (SP1)



I used Whois Lookup - Domain Names Search, Registration, & Availability | Whois.net to find whois information for the domain of the link in the spoofed email/phishing scam and found the following information:

Code:
Domain ID:D5143349-AFIN
Domain Name:COLOGIN.IN
Created On:03-Jul-2011 09:56:20 UTC
Last Updated On:07-Jul-2011 14:44:56 UTC
Expiration Date:03-Jul-2012 09:56:20 UTC
Sponsoring Registrar:Directi Web Services Pvt. Ltd. (R118-AFIN)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT HOLD
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:TS_16149013
Registrant Name:Li ming
Registrant Organization:Li ming
Registrant Street1:bei jing shi feng tai qu
Registrant Street2:
Registrant Street3:
Registrant City:bei jing shi
Registrant State/Province:
Registrant Postal Code:100091
Registrant Country:CN
Registrant Phone:+86.1052857677
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:wmwxx@139.com
Admin ID:TS_16149013
Admin Name:Li ming
Admin Organization:Li ming
Admin Street1:bei jing shi feng tai qu
Admin Street2:
Admin Street3:
Admin City:bei jing shi
Admin State/Province:
Admin Postal Code:100091
Admin Country:CN
Admin Phone:+86.1052857677
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:wmwxx@139.com
Tech ID:TS_16149013
Tech Name:Li ming
Tech Organization:Li ming
Tech Street1:bei jing shi feng tai qu
Tech Street2:
Tech Street3:
Tech City:bei jing shi
Tech State/Province:
Tech Postal Code:100091
Tech Country:CN
Tech Phone:+86.1052857677
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:wmwxx@139.com
Name Server:NS1.SUSPENDED-DOMAIN.COM
Name Server:NS2.SUSPENDED-DOMAIN.COM
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server:
Would blocking the above wmwxx@139.com email address be a solution?

__________________
eagledude4 is offline   Reply With Quote
Old 07-07-2011, 01:45 PM   #3
Moderator
- Microsoft Support
 
Join Date: Jan 2011
Location: United States
Posts: 4,931
OS: Win7, Win8, XP, Ubuntu



Probably not, unless that's the email everything is coming from which it wouldn't be if they're using spoofed addresses or server names.

If the emails are coming from a domain or mail server that you don't want to block the only other thing you can do is delete/trash files based on content if you know what it is that is common among the emails.
__________________

TSF does not support assistance through email or private messages, please keep all questions in the open forum.
JMPC is offline   Reply With Quote
Old 07-07-2011, 02:00 PM   #4
Registered Member
 
Join Date: Jun 2010
Posts: 86
OS: Windows 7 Home Premium (SP1)



I found a way to view the source of the email.

This is the header information:
Code:
Authentication-Results: hotmail.com; sender-id=temperror (sender IP is 121.66.33.19) header.from=noreply@jagex.com; dkim=none header.d=jagex.com; x-hmca=none
X-Message-Status: n:0:n
X-SID-PRA: RuneScape <noreply@jagex.com>
is this the IP to get whois information for?
Code:
(sender IP is 121.66.33.19)
I wish to notify ISP
__________________
eagledude4 is offline   Reply With Quote
Old 07-07-2011, 02:27 PM   #5
Registered Member
 
Join Date: Jun 2010
Posts: 86
OS: Windows 7 Home Premium (SP1)



Disregard the second post. I'm not sure where to get the correct whois information
__________________
eagledude4 is offline   Reply With Quote
Old 07-07-2011, 02:44 PM   #6
Registered Member
 
Join Date: Jun 2010
Posts: 86
OS: Windows 7 Home Premium (SP1)



I found this link: IP Address: 121.66.33.19

and found that the ISP is Dacom, but I cant find a website for this ISP.
__________________
eagledude4 is offline   Reply With Quote
Old 07-07-2011, 04:26 PM   #7
Management Team Networking
 
Join Date: Sep 2010
Location: Oregon
Posts: 15,045
OS: Vista/Win7



wouldn't matter if you did. might want to google spamming to understand how it works.

only solution, and even it has its limitations, is get a new email address.

also learn a few email rules like why you use the bcc field if sending to multiple email addresses
and why you should be upset if you get a email with many other peoples email addresses in it *hint* any one of those people has their email compromized you are once again back on the world wide spam list.
Wand3r3r is offline   Reply With Quote
Old 07-07-2011, 06:19 PM   #8
Registered Member
 
Join Date: Jun 2010
Posts: 86
OS: Windows 7 Home Premium (SP1)



Quote:
Originally Posted by Wand3r3r View Post
wouldn't matter if you did. might want to google spamming to understand how it works.

only solution, and even it has its limitations, is get a new email address.

also learn a few email rules like why you use the bcc field if sending to multiple email addresses
and why you should be upset if you get a email with many other peoples email addresses in it *hint* any one of those people has their email compromized you are once again back on the world wide spam list.
I know how spamming works, and I also know that telling the host of the IP address that's spamming me that they are committing fraud will solve the issue.
__________________
eagledude4 is offline   Reply With Quote
Old 07-12-2011, 04:26 AM   #9
TSF Enthusiast
 
Join Date: Apr 2008
Location: Glasgow, Scotland
Posts: 792
OS: W7, W8, WinSrvr



"and I also know that telling the host of the IP address that's spamming me that they are committing fraud will solve the issue. "
Good luck with that one.
If it works, I've got a job waiting to take down the rest of the world's spammers.
__________________
clyde123 is offline   Reply With Quote
Old 07-13-2011, 12:59 PM   #10
Management Team Networking
 
Join Date: Sep 2010
Location: Oregon
Posts: 15,045
OS: Vista/Win7



especially since its clear there is a lack of understanding on how spamming works.

Spammers NEVER use their ips/machines. It always comes from a compromized workstation or server.

Ever wonder why its so easy to spam the world? Ever think about all of these wanta bes bringing up their own mail servers with no understanding on how to harden/secure them? They couldn't make it easier for hackers and then spammers.

Wand3r3r is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Stop Outlook from creating seperate email account folders
Each time I add a new email account in outlook 2010 it creates a new folder for that email account (inbox, sent, deleated folders etc. I create my own folders and rules and don't want outlook to create its own new folders for each email account. How do I get it to stop doing this? Outlook...
michaelrj9 Microsoft Office support 1 06-19-2011 02:12 AM
Outlook 2007 unable to receive email
Outlook 2007 unable to receive email. Work from home, able to send email but not receive email for either of my two accounts; suddenly started during the day without any other noticeable changes; has continued for 4 days. Has been working fine for 18 months on Windows 7 HP laptop. Disabled and...
rcowen Microsoft Office support 3 05-22-2011 05:33 AM
My msn email wont stop sendibg out spam...help!!!
What do I do. I'm completely computer for dummies
Astephens General Computer Security 3 04-12-2011 07:11 PM
The Blue Screen Of Death & Can Not Reformat
I am on a Lap Top now but my PC is currently facing The Blue Screen Of Death First thing I tried to do was reformat by booting via XP CD Set Up & everything goes fine but then The Blue Screen Of Death shows up & I can not go any further. I even try Windows 2000 set up this way & then The Blue...
Lopez Windows XP Support 30 04-10-2011 03:58 PM
Epsilon email security breach hits 50 clients
About 50 companies were affected by a major security breach at email service provider Epsilon Interactive that caused many US corporations to warn their customers of online attacks Monday. Epsilon first warned of the incident Friday, saying that someone had got into company systems and obtained...
Glaswegian Computer Security News 1 04-05-2011 01:03 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2


All times are GMT -7. The time now is 10:12 AM.


Copyright 2001 - 2014, Tech Support Forum

Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts