October 3-7—JOSHUA TREE, CALIFORNIA: Annual show; Sportsmans Club of Joshua Tree
Welcome to the GemologyOnline.com Forum
A non-profit Forum for the exchange of gemological ideas
It is currently Fri Sep 21, 2018 9:50 pm

All times are UTC - 4 hours




Post new topic Reply to topic  [ 11 posts ] 
Author Message
 Post subject: Internet Phishing
PostPosted: Wed Oct 10, 2012 12:29 pm 
Offline
Gold Member
User avatar

Joined: Fri Oct 12, 2007 10:22 pm
Posts: 1117
Location: Virginia
I have three websites - two for my actual profession and one for my jewelry. They don't get very much traffic as I don't advertise, etc.

Recently - for about a month - I've been getting phishing emails to my jewelry email address. Mostly they are fraudulent receipts for non-existent purchases I supposedly made. Some are about bank transactions that have been rejected. Several were about payroll errors. But most are mimicking real companies and have emails that look genuine.

I traced one through the firm they were impersonating, and that owner had tracked them to an Argentinian isp.

I have had a serious increase in traffic on my site from Ukraine and Russia - for no reason I can think of - and show numerous new links to my site from those locales.

They have not been doing this through my other 2 sites (yet) and I assume that is because they are consulting services, not retail, but I could be wrong.

If you get emails like this DO NOT clink on any of the links and do not give them any information. Forward the email to the company they are impersonating - if it's one you recognize.

_________________
Soil is not dirt.
http://hmmdesign.net


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Wed Oct 10, 2012 5:52 pm 
Offline
Site Admin
User avatar

Joined: Sun Oct 16, 2005 12:22 pm
Posts: 18981
Location: San Francisco
One can block access for IPs from certain countries if they wish.


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Wed Oct 10, 2012 6:19 pm 
Offline
Gold Member
User avatar

Joined: Fri Oct 12, 2007 10:22 pm
Posts: 1117
Location: Virginia
Thanks, I'll research that with my provider.

_________________
Soil is not dirt.
http://hmmdesign.net


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Thu Oct 11, 2012 12:30 am 
Offline
Platinum Member
User avatar

Joined: Fri Feb 24, 2006 1:20 am
Posts: 2719
Location: Southern California, U.S.A.
Barbra Voltaire wrote:
One can block access for IPs from certain countries if they wish.


Care to expand on that? I'm being plagued by a large number of site visits from Russia, Ukraine, Romania, China, Iran etc. and when I try to block them I get the message: Sorry, the name you entered could not be resolved to a valid IP address.

Meanwhile I'm getting hits from all sorts of weird URLs: porn sites, auto financing sites, etc. I want to stop this but don't know how. Any help out there?

_________________
Rick Martin

www.artcutgems.com


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Thu Oct 11, 2012 2:07 am 
Offline
Platinum Member
User avatar

Joined: Fri Feb 24, 2006 1:20 am
Posts: 2719
Location: Southern California, U.S.A.
Hi Jeffrey,
My site has the IP Deny feature and that's the function that can't single out an IP or an IP range to block. When I see the logs from the troublemakers there are literally dozens of different IP numbers shown. They must use some sort of feature than automatically changes their IPs every few seconds so they can't be tracked to a blockable number.

Worse, I'm not sure what they're doing on my site. I've ID'd some as "content spammers" whatever that means. I know it's bad but I don't know how to stop them. It's very frustrating.

_________________
Rick Martin

www.artcutgems.com


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Thu Oct 11, 2012 12:59 pm 
Offline
Platinum Member
User avatar

Joined: Fri Feb 24, 2006 1:20 am
Posts: 2719
Location: Southern California, U.S.A.
Thanks for the input Jeff. Blocking by range is the same solution I've decided on but haven't yet implemented due to the time required.

I'd block some countries as Barbra suggested but don't know how. Maybe my domain host can help -- if so I'll report back.

Further comments by the IT-savvy will be welcomed.

_________________
Rick Martin

www.artcutgems.com


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Fri Oct 12, 2012 1:02 am 
Offline
Site Admin
User avatar

Joined: Sun Oct 16, 2005 12:22 pm
Posts: 18981
Location: San Francisco
Check
http://www.ipdeny.com/ipblocks/
and then check with your service provider to see how to proceed.


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Fri Oct 12, 2012 1:19 am 
Offline
Platinum Member
User avatar

Joined: Fri Feb 24, 2006 1:20 am
Posts: 2719
Location: Southern California, U.S.A.
Thanks Barbra!

_________________
Rick Martin

www.artcutgems.com


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Mon Nov 05, 2012 12:13 pm 
Offline
Moderator: Lapidary Arts and Tools
User avatar

Joined: Tue Jun 12, 2007 6:41 pm
Posts: 5503
Location: Massachusetts, USA
My security practice is to monitor the logs and see IP addresses that try to access script directories like /cgi.
First offense, that IP is blocked. Next offense the range 111.222.0-255 is blocked. Next offense, 111.0-255.0-255 is blocked.
Nuclear option is to block the first quad, and to hell with that country.
.CN is more laborious.


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Fri Aug 30, 2013 3:31 am 
Offline
Valued Contributor

Joined: Sun Feb 25, 2007 12:44 pm
Posts: 204
Location: Dallas, Texas
There is a free application that will give you the original site as well as mirrors...... www.peerguardian.com
Origanially a university project, we forward to FBI or maybe they already have these due to US cyber snooping:-) W


Top
 Profile  
Reply with quote  
 Post subject: Re: Internet Phishing
PostPosted: Fri Aug 30, 2013 6:02 am 
Offline
Moderator: Lapidary Arts and Tools
User avatar

Joined: Tue Jun 12, 2007 6:41 pm
Posts: 5503
Location: Massachusetts, USA
Thanks. I have noticed a lot more hostile activity this year. Usually sniffing for CGI/PHP/other script or Dbase folders. My Deny list is many pages long.
In addition this forum has been sniffed to the extent I am getting spam sent to the address I only use as a contact here. Mideast and the old FSU countries, mostly. And the usual Nigerian scams.
And of course the innumerable hits from the sick, sick chair-sniffer of the Web, Google, doing the bidding of Friends in High Places, as usual.

I had to laugh yesterday when one came in offering their expertise in PHP. Yes, no doubt they were very good at it, but No Thanks.
Hire Willy Sutton to be bank guard?


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ] 

All times are UTC - 4 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Gemology Style ported to phpBB3 by Christian Bullock