I’ve been receiving phishing emails for the past few months. The gist has been that I need to sign in to my Live.com account and give them all of my details and all will be well. Needless to say, I’ve always just deleted these.
I did try to alert Live.com to the problem and their answer was to disable my account. My account was never compromised. I was just trying to let them know that there were attempts. I received another email today and I finally have an email address for one of the culprits.
Who do I give this info to so that they can try to put an end to this sort of phishing? They make it look like it’s actually coming from Live.com? “Warning: the account owner that fails to verify his or her or account within two weeks of receiving this warning will lose his or her account permanently. Sincerely, The Windows Live Hotmail Team. The current address is [and I’m not going to mention it here].”
Granted, it’s probably a needle in a haystack but does Live ever prosecute these people? Thanks for any help.
In this excerpt from Answercast #4, I’ll discuss the big companies, their response to spam, and if reporting spam and phishing attempts can help.
Become a Patron of Ask Leo! and go ad-free!
Phishing is Insidious
So, several answers here. The short answer is don’t bother. Just don’t bother.
Do what you were doing. Delete the mail and get on with your life. A lot of people desperately want some place to report these things to so that they get handled, so that they get fixed. The short answer is that you don’t need to.
They already know
You just don’t need to. Trust me. Microsoft and all of the other email providers, they know that this is going on. They are constantly battling this. Now, you might say why haven’t they fixed it? Because it’s not an easy to problem to fix.
You know that email address you think you have? It’s probably totally unrelated to the email that you got. It was probably forged. Even the IP addresses that are in the headers may very well be traceable. Nine times out of ten, they’re traced either to a machine that has been compromised by malware that is part of some kind of a bot net (i.e. it could have been your machine if you had been infected by malware), which again doesn’t lead them back to the actual originators of this scam. Or the IP addresses could lead off shore to some foreign country where there just isn’t the ability to enforce what needs to be enforced.
There’s no shortage of knowledge about these kinds of scams and the kinds of information that services like Microsoft, Hotmail might be gathering.
They’ve got all of the information that they need. They are working on this through many different ways.
Reporting it wastes resources
Reporting it? In my opinion, it honestly doesn’t help. It’s a waste of your time. It doesn’t really add a lot to the base of knowledge that they already have. By far, the best thing that you can do is simply either delete it or mark it as spam, if you have that option in your mailer, and get on with your
life.