EzDevInfo.com

phishing interview questions

Top phishing frequently asked interview questions

How to contact Twitter to report phishing scams

Every week I get an email message from somebody asking me to confirm my Twitter account. I don't even have a Twitter account! The sender's email address is activate@twitter.com, which I find suspicious as it is so generic and does not include the sender's name, which appears in the subject line. I have never opened any of his emails as I suspect this is a malicious phishing scam. In the meantime, I have blocked it so the emails end up in my spam box. Also, I want to report the above to Twitter to see if they can do anything about it, should it be a legitimate user, which I doubt. How do I email or call them as I am not a Twitter user?


Source: (StackOverflow)

Spam despite marking it as phishing scam

I am getting emails from a phishing address supposedly from iTunes for a purchase. I'm using outlook.com.

On numerous occasions I have marked it as phishing scam but it still reappears.

There is a "mark as phishing scam" button you can use from the menu in outlook.com (formerly Hotmail). When you mark a message as phishing, you get a message saying thank you for marking it as phishing. In the past it used to work very well, but since the spam issue Microsoft have had, it's not that effective.

Anyone else have any similar issues or managed to sort it out?


Source: (StackOverflow)

Gmail account targeted by phishing scams

Yesterday I sent an email explaining some SEO techniques to a client and today I got 2 emails from other Gmail addresses that are clearly phishing scams that want me to purchase SEO scripts. I do know Google displays ads that are relevant to emails in your inbox, which I can't seem to be able to turn off. Is it possible for other people to see what criteria Google uses to display ads to its users? I don't think my account was hacked because the only IP address that has accessed my account within the past 30 days is mine.


Source: (StackOverflow)

How to report scam Gmail account?

A Yahoo account was hacked. Let's assume it was called example@yahoo.com and that the victim also has another email, example@gmail.com.

The guy who hacked the Yahoo email ID stole the contact list, created examplee@gmail.com and began sending scam emails to the contact list. What to do about it?

To clarify:

Say my email is lynob@gmail.com, a hacker created lynobb@gmail.com, and began sending scams to my contacts.

I do know the email that the hacker created; it's a Gmail address, but I can't report phishing or spam because he didn't send me a copy (reporting emails in Gmail is only an option if you receive a spam email; you cannot report a spam email that never contacted you).

And my contacts won't report him because they think it's me. They won't notice lynobb@gmail.com, they won't notice the difference; also, the hacker is using my profile picture as the profile picture for the scam Gmail account.


Source: (StackOverflow)

Report phishing attempt on Twitter

I think a friend's Twitter account has been compromised. She has sent me a direct message with a link which is an obvious phishing attempt to get my password.

I didn't fall for it, and I sent a message back to my friend that her account may have been compromised. Even if the message didn't actually come from her and was spoofed in some other way, I still want to report it to Twitter so that they can detect other messages using the same link.

The Twitter Help Center isn't particularly helpful in this regard. How can I report this to them? Can one even forward a Twitter DM?


Source: (StackOverflow)

Any danger in having spammy Twitter followers

I routinely receive notifications of obviously spammy Twitter users following me, e.g. accounts with names like @freemoneynow, etc. Is there a danger in allowing them to follow me if I do not follow them back? They could always send me a direct message with a phishing link, but aside from that, is this something I should be aware of? It becomes a maintenance headache if I have to actively prune my list of followers (admittedly not huge, but all it takes is one bad apple).

Thanks.


Source: (StackOverflow)

Why can't Hotmail (or other providers) tell the difference between spoof and real emails?

Why can't Hotmail tell the difference between spoof and real emails from a domain (such as blizzard.com)? I get swamped with phishing emails from "blizzard.com" so I put it on my blacklist but then I can't get legitimate emails.

Is there no information in the headers that can be used to definitively determine where the email came from?


Source: (StackOverflow)

Am I to trust my user/password to some apps that claim to be integrated with Twitter?

I have seen a couple of webapps that say something along the lines:

"Use your twitter account-> User ___ password __"

And then they take you to some other page.

After all these phishing warnings and all, why should I trust one of those apps?


Source: (StackOverflow)

Any way to stop LinkedIn from asking for my email account password so it can spam my contacts?

On a regular basis, after logging in to LinkedIn and doing something like accepting an invitation to be "added to someone's professional network", LinkedIn will ask for my email account password. It is trying to get my contact lists so it can spam them with requests, on my behalf, to join LinkedIn.

The worst part is that several times I've almost been fooled into providing a password. At first I'm thinking that it is simply asking me to re-enter my LinkedIn password. The request is devious in that it starts off with several dots in the password field as if it actually already knows the password.

LinkedIn asking for passwords to other accounts

Then I notice it is prompting with the email address I used to sign up with LinkedIn, and my fingers can even start to type the password for my totally separate email account. Then I stare harder at the screen and start to get mad.

This is nearly as bad as phishing and is an insidious and rude practice which I think should be stopped. If they know my email address, various folks at LinkedIn can do anything with it they want, despite the policies which I presume they have to curb abuse. There are of course many terrible security vulnerabilities they open up via this practice, beyond the anger they arouse in the many users who complain about this on their site and the many spammed contacts of those users.

Is there a setting on the site to turn off these requests, or a means of fooling LinkedIn into stopping or reducing them or reporting them to someone who can do something about it?

For example, perhaps providing passwords for dummy accounts, or accounts that connect with the better business bureau or some other watchdog group or folks they don't want on the site?


Source: (StackOverflow)

How to setup Gmail filters based on information in the header?

We have a very persistent person (or persons) who is continually spoofing a company employee's e-mail address with criminal intent. They attempt to e-mail other people in the company, trying to trick them into believing the e-mail is coming from a co-worker. Each time they use a different reply-to address. I've been trying to figure out a way to set up a filter in Gmail that trashes any spoofed e-mails that are not really authentic.

So the spoofed e-mails come from employee@OurDomain.com but the reply to field is alwayschanging@variousdomains.com. We can never stop them because they keep changing which e-mail they use in the reply to. They even went as far as buying domain names very similar to ours so it would look real. They also tried calling so this goes beyond your average phishing. I contacted the registrar and had those cancelled as fraud but the e-mail spoofing continues.

My thought was to set up a filter based on the "has the words" field, but that only seems to apply to the content of the e-mail itself and not the header. Is there a way to create a Gmail filter for e-mails based on the content in the e-mail header? Or maybe I should take a different approach? I'm open to any ideas.

I checked Stack and could not find an answer that specifically addresses this issue/challenge. Thanks everyone!

Gmail Advanced Search Reference:
https://support.google.com/mail/answer/7190?hl=en


Source: (StackOverflow)
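The two header questions above (whether headers can show where a message really came from, and how to catch mail that claims an internal sender but carries an external reply-to) both come down to the check sketched here. This is an added example, not part of either post and not a Gmail filter: it runs over raw messages, and `OWN_DOMAIN`, `TRUSTED_AUTHSERV` and the three sample messages are constructed assumptions, including the assumption that the receiving server stamps every inbound message with an `Authentication-Results` header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

OWN_DOMAIN = "ourdomain.com"         # assumption: the domain being impersonated
TRUSTED_AUTHSERV = "mx.example.net"  # assumption: authserv-id of our own receiving server

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Reply-To header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def auth_verdicts(msg):
    """spf/dkim/dmarc results from Authentication-Results headers stamped by our
    own server; any other authserv-id is ignored because a sender can forge it."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        if authserv.lower().split()[:1] != [TRUSTED_AUTHSERV]:
            continue
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest, re.I):
            verdicts.setdefault(method.lower(), result.lower())
    return verdicts

def assess(raw):
    """Return the reasons a message claiming to be from OWN_DOMAIN looks spoofed."""
    msg = message_from_string(raw)
    reasons = []
    if domain_of(msg.get("From")) != OWN_DOMAIN:
        return reasons                      # not claiming to be us
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != OWN_DOMAIN:
        reasons.append("reply-to-external")
    if auth_verdicts(msg).get("dmarc") != "pass":
        reasons.append("dmarc-not-pass")
    return reasons

# Constructed sample messages (not real mail).
SPOOFED = ("Authentication-Results: mx.example.net; spf=fail; dmarc=fail\n"
           "From: Employee <employee@OurDomain.com>\n"
           "Reply-To: alwayschanging@variousdomains.com\n\nbody\n")
GENUINE = ("Authentication-Results: mx.example.net; dkim=pass; dmarc=pass\n"
           "From: Employee <employee@OurDomain.com>\n\nbody\n")
FORGED_STAMP = ("Authentication-Results: mail.sender.invalid; dmarc=pass\n"
                "From: Employee <employee@OurDomain.com>\n\nbody\n")

if __name__ == "__main__":
    print([assess(m) for m in (SPOOFED, GENUINE, FORGED_STAMP)])
```

The third sample shows why the authserv-id matters: a `dmarc=pass` stamp written by the sending side is not evidence, so the message is still flagged.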

I received a notification from Gmail that someone tried to sign in to my account. Is it legitimate? [duplicate]

Possible Duplicate:
Does Gmail sends “suspicious sign-in prevented ” emails or is it a trick?

I've just received the following notification, apparently from GMail:

Unusual sign-in location

Someone signed in from a location that isn't typical for your account. If it wasn't you, change your password immediately. Learn more
1. Review unusual sign-ins.

Norway
Prevented application sign-in
unknown.com | 148.122.197.152
Aug 13, 2012 8:30:10 PM
Suspicious
Undo

Is it legitimate?


Source: (StackOverflow)

Gmail "suspicious sign-in attempts" email - legitimate? [duplicate]

I got two emails this week from Gmail, claiming to have prevented "suspicious sign-in attempts" to my account. These emails came from the address: signins.activityalerts@gmail.com (using the name "Activity Alerts"), and were located in my inbox (not spam, where faked emails should go).

Image of one of the emails:

email

Text:

[My name redacted],

In the past 48 hours we have detected 6 failed sign-in attempts to your Google Account, [My email redacted]. We have prevented further sign-in attempts from the responsible address in case this was a hijacker trying to access your account. Please review the details of these attempts:

IP Address: [Redacted]

Location: [Redacted]

ISP: [Redacted]

Organization: [Redacted]

If you do not recognize this address, someone else might be trying to access your account. These sign-in attempts were unsuccessful, so no action is required. However, you may wish to reset your password for greater security. Find out how at http://support.google.com/accounts?p=reset_pw

If this was you, you may safely ignore this email. The address will be allowed to sign in again within 24 hours.

Sincerely,

The Google Accounts Team

Are these legitimate? I've never seen the email address before, but the only link on it (to learn how to reset my password) goes where it says and doesn't ask for any login information. If it is legitimate, is my account safe or compromised?


Source: (StackOverflow)

I have a Yahoo email account that just got hacked and now I can't send out emails

I have a Yahoo email account that just got hacked, as someone used it to send spam to many of my contacts. I just changed my password. I've been trying to send emails to a few contacts that were affected, but it seems like I'm being prevented by Yahoo from sending these emails. It's giving me a message "Your email could not be sent. Retry". I've clicked "Retry" several times but to no avail. Do you know why this is happening?


Source: (StackOverflow)

How do I get Gmail to display images in a message when it thinks, "This message may not be from whom it claims to be."

Occasionally, Gmail thinks that a legitimate message is a phishing scam. When I open it to verify it's legit and mark it "Not spam", a banner appears at the top warning me that, "This message may not be from whom it claims to be." It also won't display any images. I mark it as "Not spam" to put it in my Inbox, but that's not good enough for Gmail. It knows better than I do and still displays that banner and will not let me display images.

Is there any way to get Gmail to back off and let me see those images?


Source: (StackOverflow)

How to identify whether my login page is phished page or actual page? [closed]

How can I determine the difference between a phished page and a normal web page? I know about only one method: whether https or http comes before the address is one means of identification.

Are there any other methods to find out whether the login page is phished?

Is there any tool to notify me whether my page is a phished page or a normal page?


Source: (StackOverflow)