Spam & Phishing reporting...

Here's where to discuss topics that have nothing to do with using SuperCard, but may be of interest to the membership.

Spam & Phishing reporting...

Postby vinnie-bob » Mon Apr 22, 2013 6:06 am

Hi Guys,

I found this very good article on spam and phishing scams, not surprisingly on a Microsoft page (which was mentioned in an Ars Technica article):

http://office.microsoft.com/en-us/outlook-help/identify-fraudulent-e-mail-and-phishing-schemes-HA001140002.aspx

Anyway, I made an Applescript for reporting Spam & Phishing emails to the appropriate places (for USA users) for my kids, and thought I would share them here. You must be using Mac with recent system software (10.6 or higher?) and Apple Mail for this to work. The scripts are below. You should compile them as applications in Script Editor, don't show startup screen and don't stay open. I recommend naming them something like "xxSpamReporter", for the reason listed below. Note, there isn't any error detection to report that you ran the script without selecting anything...nothing will happen, and if you try and run it on multiple selections, it will likely error out. I store mine in a special folder in Applications which I call "Spotlight buddies" because I have a number of scripts which I trigger with Spotlight that are used on Finder selections or selections in other programs.

How to use:
1) In Mail, select a single email you want to report in Mail. Multiple selections are not supported
2) type ⌘-space to get into Spotlight search
3) type "xxSpam". You should only have to really type "xxSp" and it is likely that will get the app in your "Top Hit"
4) In Lion/Mountain lion if you see the app in your top hit, just type Return to launch/run it. In Snow leopard, I think you have to hit ⌘-return. If it isn't your top hit, it will become the top hit after you've used it a few times.
5) The script runs and it will: open a window with raw source, copy all the raw source, close the raw source window, create a new email addressed appropriately, type in a subject and a line in the content, paste in the raw source, send the email, delete the original spam or phishing email.

Issues:
1) If you are running Mail in "full screen" mode, it will slide over to the Finder for a second, and then back to mail before it runs, which is a bit distracting. This apparently has something to do with activating Mail with the script, but if I eliminate that step, the System events items do not execute correctly. If you aren't using Full Screen mode, then the script runs normally without the really obvious slide to the Finder...
2) I have "show BCC" checked in my Mail App, so that puts an extra field in the email box. You should be sure that "CC Address field" and "BCC address field" are checked in the view menu in your mail app for this to work correctly!!! If you prefer NOT to have these fields showing, then you will need to delete the appropriate 'tab' calls in the original Applescript.
3) Surprisingly, on my test machines, all the key command shortcuts in this script run fine without adding a "delay" between them. However, this may be a problem on some machines, so if you encounter problems, think about adding a few delays between those keyboard shortcuts! e.g., "delay 1"


I have used these for the last couple of weeks and they seem to be working fine, but they should be considered beta, use at your own risk.

Script #1 for reporting Spam to FCC:
Code: Select all
-- Applecript, original by v.angeloni 2013
-- removes the selected spam email by forwarding to fcc, then deletes with backspace
-- make sure you have selected the SINGLE message you want to do this to first!!! Won't work on multiple selections
tell application "Mail" to activate
tell application "System Events"
   tell process "Mail"
      keystroke "u" using {command down, option down}
      keystroke "a" using {command down}
      keystroke "c" using {command down}
      keystroke "w" using {command down}
      keystroke "n" using {command down}
      delay 2
      keystroke "spam@uce.gov"
      keystroke tab -- tabs to "CC:" field
      keystroke tab -- tabs to "BCC:" field
      keystroke tab -- tabs to "Subject field"
      keystroke "Spam Email source"
      keystroke tab
      keystroke "The attached email was sent to me and it appears to be spam."
      keystroke return
      keystroke return
      keystroke "----------"
      keystroke return
      keystroke "v" using {command down}
      keystroke "d" using {command down, shift down}
      delay 1
      keystroke (ASCII character 8) -- backward delete to delete the spam
   end tell
end tell


And a separate script for Phishing scams:
Code: Select all
-- Applescript, original by v.angeloni 2013
-- removes the selected spam email by forwarding to anti-phishing org, then deletes with backspace
-- make sure you have selected the single message you want to do this to first!!! Multiple selections not supported.
tell application "Mail" to activate
tell application "System Events"
   tell process "Mail"
      keystroke "u" using {command down, option down}
      keystroke "a" using {command down}
      keystroke "c" using {command down}
      keystroke "w" using {command down}
      keystroke "n" using {command down}
      delay 2
      keystroke "reportphishing@antiphishing.org"
      keystroke tab -- tabs to "CC:" field
      keystroke tab  -- tabs to "BCC:" field
      keystroke tab -- tabs to "Subject field"
      keystroke "Phishing Email source"
      keystroke tab
      keystroke "The attached email was sent to me and it appears to be a phishing scam."
      keystroke return
      keystroke return
      keystroke "----------"
      keystroke return
      keystroke "v" using {command down}
      keystroke "d" using {command down, shift down}
      delay 1
      keystroke (ASCII character 8) -- backward delete to delete the spam
   end tell
end tell
------
vince
------
User avatar
vinnie-bob
 
Posts: 218
Joined: Sun Jul 06, 2008 10:55 am
Location: Des Moines, Iowa, USA

Re: Spam & Phishing reporting...

Postby Scott » Wed Apr 24, 2013 10:43 am

vinnie-bob wrote:Script #1 for reporting Spam to FCC:


:lol: I am not sure how effective antiphishing.org is, but I can tell you sending anything to the FTC is nothing more than a waste of time. What's worse is that the Federal CanSpam Act precludes my state's laws which lets me go after spammers with very real damages. So, since the fed govt has now prevented me from doing anything other than making a useless report to the FTC, I just ignore it.

For Phishing scams, you can usually shut them down in a couple of days by identifying the host ISP and sending an email to "abuse@<ISP's domain> with a copy of the url. If it is trying to spoof any legitimate entity (like PayPal, eBay, Bank, etc.), I CC them as well.

But if you wish to continue to send these emails, the following is a more reliable method than using system events.

Code: Select all
tell application "Mail"
   set selectedmssgs to selection
   set the messageHeader to "<path to text file that has your introductory text>" --makes it easy to change without editing script
   set theSubject to "Spam Email source"
   set theSource to source of item 1 of selectedmssgs
   open for access alias messageHeader
   read alias messageHeader
   set theBody to the result & theSource
   close access alias messageHeader
   set myrecipient to "spam@uce.gov" as rich text
   set newMessage to make new outgoing message with properties {subject:theSubject, content:theBody & return & return}
   tell newMessage
      set visible to true
      set sender to "<your email address>"
      make new to recipient at end of to recipients with properties {address:myrecipient}
                send newMessage
   end tell
end tell
User avatar
Scott
Site Admin
 
Posts: 1217
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada

Re: Spam & Phishing reporting...

Postby vinnie-bob » Wed Apr 24, 2013 4:15 pm

the FTC is nothing more than a waste of time.


I'm not so sure about that. Of course, you won't see a drop in the particular spam in a day or two, but when I persist in reporting the same spam, it eventually seems to dry up. Whether or not this would have happened without my reporting it is open to speculation, but since the cost to me is the time it takes to type a few keystrokes, I don't sweat it.

the following is a more reliable method than using system events

I haven't really had any major problems with system events. And since the system events I'm sending are pretty much standard keyboard shortcuts, system events in this instance shouldn't be any less reliable than using a macro program to do the same thing, should it?

I think it is admirable that you have the time to cc the company that is being spoofed in phishing scams, but I just don't have the time to go searching for an email for a major company that would get that email in front of a human who I think might act on it. My goal is to move it out of my inbox as expeditiously as possible, with the slight possibility that where I am sending it might be useful. :lol:
------
vince
------
User avatar
vinnie-bob
 
Posts: 218
Joined: Sun Jul 06, 2008 10:55 am
Location: Des Moines, Iowa, USA

Re: Spam & Phishing reporting...

Postby Scott » Wed Apr 24, 2013 5:01 pm

My point was simply that you can script mail to do this directly, without having to rely on system events.

And regarding the FTC, trust me, they do not have the resources to follow up on all the spam complaints that they receive, not to mention most real spam has forged headers. Any spam from a legitimate entity will have an opt out process, and the FTC doesn't consider that spam (even if you never opted in).

As far as phishing scams are concerned, I am happy to put these folks out of business when I can, or at least inconvenience them severely. Due to them having a physical host for their crap, it makes it pretty quick and painless. I think it is our responsibility to police the net as best we can if we don't want the government involved. And I don't, as most legislators are pretty clueless when it comes to technology.
User avatar
Scott
Site Admin
 
Posts: 1217
Joined: Sat Jul 05, 2008 1:37 pm
Location: Northern Sierra Nevada


Return to Off Topic Lounge

Who is online

Users browsing this forum: No registered users and 1 guest

cron