Nope. That was a phishing spam, just maybe not the TYPE of phishing spam
you're used to seeing? Calling it a fraud doesn't make it not a phish.
When is a phishing spam ever NOT fraud? So what's the deciding factor?
The fact that this claimed to be Apple sending an invoice via PayPal -
and tried to trick the end user into thinking that they were the real
Apple - except it wasn't really Apple - it was a criminal masquerading
as Apple, trying to trick the recipient into paying this via thinking
that this was the real Apple. THAT is the deciding factor that makes
this a phish as well as a fraud.
(PayPal should have done better customer vetting on the front end!)
Rob McEwen, invaluement
------ Original Message ------
From "hg user" <mercurialu...@gmail.com>
To "Rob McEwen" <r...@invaluement.com>
Cc users@spamassassin.apache.org
Date 2/21/2023 3:10:35 PM
Subject Re: May I get to 0 phishing?
I think this is not a phishing, more a fraud: it seems a real invoice
for something you didn't buy.
I'm glad to hear from experts that it's impossible to have 0 phishing,
that I'm not missing the "silver bullet" or the magic token.
I may perhaps implement ESP plugin, and subscribe to DQS, or add a OCR
plugin for those very annoying "pay the fine" scams. Really dubious
about enabling razor and pyzor for italian language.
Unfortunately my spamassassin, version 3.4.5, is embedded into Zimbra,
and it makes me really afraid of adding plugins...
Suggestions are always welcome
On Tue, Feb 21, 2023 at 8:37 PM Rob McEwen <r...@invaluement.com> wrote:
What Bill Cole said! Agreed. For example, here's an almost impossible
phish to block (at least, without blocking legitimate PayPal
transactional emails!). This is a PayPal phishing spam, sent from
PayPal's own server! It was sent by PayPal. I only changed the
intended
recipient address (to protect the innocent), and changed the "=" at
the
end of lines MIME-formatting to regular lines, for better readability
when looking through the email body for links. Otherwise, not altered.
https://pastebin.com/v80qMF99
However - there are always very helpful improvements that can be made
for minimizing the number of phish that get into the inbox. It's a
constant battle!
Rob McEwen, invaluement
------ Original Message ------
From "Bill Cole" <sausers-20150...@billmail.scconsult.com>
To users@spamassassin.apache.org
Date 2/21/2023 2:11:02 PM
Subject Re: May I get to 0 phishing?
>On 2023-02-21 at 13:51:09 UTC-0500 (Tue, 21 Feb 2023 19:51:09 +0100)
>hg user <mercurialu...@gmail.com>
>is rumored to have said:
>
>>I was wondering if it is possible to reach the goal of 0 phishing.
>
>Nope. There are people who find it profitable and they will continue
to find ways to trick all the usable programmatic mechanisms deployed
to stop it.
>
>>With 2 layers of paid protection, and a third layer realized with
>>spamassassin with a lot of hand made rules, I'm able to catch a lot
of spam
>>and if some reaches the mailboxes, no problem.
>>
>>But when phishing is able to reach the mailboxes, it is more
dangerous, and
>>I'd like to bring it to a minimum.
>>
>>I'd like to know if you, despite all the barriers, still, although
rarely,
>>have phishing go through, and how do you handle the situation.
>
>Eternal vigilance and user education.
>
>The world is an imperfect place.
>
>
>-- Bill Cole
>b...@scconsult.com or billc...@apache.org
>(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
>Not Currently Available For Hire
