Hi Maybe anyone from AWS is on this list who could explain the reaction of AWS to phishing incidents?
Two weeks ago, our customer started to receive phishing emails asking them to enter their email credentials on a website that copied our webmail login, company name and contact details, hosted @ AWS. We opened a case with the AWS abuse desk and asked them to please disable the phishing site. Thankfully, there was a footer line hinting tho the tool used to create the site and thus to the AWS reseller hosting that site. I also contacted that reseller. He acted quickly, the phishing site was gone within a couple of hours. Kudos! But the (very later) reply from the AWS abuse team was very disconcerting! It was explaining, that AWS has no access nor is responsible for the content hosted by their customer and asked us to contact their customer directly to address the issue. I notified AWS that in this case we managed to contact their customer, but usually this is not the case when faced with phishing email displaying our own company name, logo and contact details. I asked if they could publish the abuse contact to their reseller in the corresponding IP registry in case they assigned the IP range in question to some other company. I got the same reply again telling me, AWS is not responsible for content published by customers on their platform. What went wrong? Or how can phishing be addressed with AWS? Or has AWS now become a safe haven for phisher? Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________ _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
