Category Archives: Phishing

Craigslist email-reply scam and what Craigslist could do to fix it

UPDATE [2013-02-13]: According to this article on Craigslist, as of February 10, 2013, they have implemented and are testing the idea I described below for fixing the problem described in this posting. I recently placed a for-sale ad on Craigslist. I anonymized my email address in the ad, which means that the published email address… Read More »

A study in contrasts: handling stolen email lists

I try to make a habit of giving out “tagged” email addresses to web sites when I sign up for accounts / mailing lists / whatever. For example, when creating an account at widgets.com, instead of just signing up as “jik@kamens.us”, I might sign up as “jik+widgets@kamens.us”. It ends up in the same mailbox regardless,… Read More »

Fascinating phishing attack — the links are fine, but watch out for the toll-free number!

A phishing message in my spam folder caught my eye today, so I decided to take a closer look at it. It claimed to be from CapitalOne.  It had a legitimate sender address, a legitimate Subject line (“Please Call Us Regarding Recent Restrictions”), and convincing-looking content that was mostly lifted straight from a real CapitalOne… Read More »