Re: Is a MSN security policy assisting spammers?

From: BrFK (BrFK_at_discussions.microsoft.com)
Date: 10/23/05 

Date: Sat, 22 Oct 2005 20:03:01 -0700

Exactly why I want to forward the incoming message versus a printout. I only
went to a printout/PDF in a situation that demanded immediate attention
without risking tipping off the sender.

I don't bother to send the offending message to MSN, rather I send it to the
organization being spoofed. For example, a request to update my banking info
at Chase is forwarded to the spoof / security dept at Chase. Since I don't
have an account there - that one is easy to spot as a fraud). Obviously, they
would be more concerned about their reputation than an ISP.

Will try the double-attachment send at the next opportunity. If other ideas
/ solutions come up.....

Thanks

"Karl Levinson, mvp" wrote:

> Also, forwarding the spam is totally useless unless you forward it as an
> attachment. Only then would the email contain the hidden SMTP headers
> anyone would need to research the spam.
>
> A possible solution might be to save the email as an HTML file, then email
> that file to the ISP that owns the IP address that was used to send the
> spam, if you still want to do that. The ISP will then cheerfully ignore
> your email.
>
>
> "BrFK" <BrFK@discussions.microsoft.com> wrote in message
> news:E26658BF-0191-4A13-9621-65C2D74F9F81@microsoft.com...
> > Background: When an email appears in my junk mail folder that appears to
> be
> > from a financial institution, I'm naturally suspicious. Especially when I
> > don't have an account there. My natural tendency is to forward the email
> to
> > the spoof address at the real institution.
> > The problem: I keep my security settings higher, so any graphics are not
> > downloaded unless they are from a known safe address.
> > So, if I attempt to forward a fraudulent phish or scam/spam email to an
> > institution so that they can investigate it, MSN blocks the forward
> unless I
> > agree to download any attached graphics first. Of course, there is a
> warning
> > message that pops up on my screen from MSN alerting me that doing so will
> > verify my address to the original sender.
> > With this policy, all a spammer or phisher has to do is attach a graphic
> or
> > picture to verify the validity of an email address of anyone seeking to
> > report their activity.
> >
> > Is there a way of forwarding these fraudulent emails to the proper
> > authorities without exposing oneself to the criminal that sent the email?
> >
> > Could MSN allow the forwarding of emails to "spoof@" addresses without
> > exposing their users to more harm?
> >
> > Any ideas on solutions would be appreciated.
> >
>
>
>