# Phishing Emails ...



## Rhisiart (Jan 28, 2018)

I know Bob's Place is mainly for light stuff but I didn't know where else to ask this question.

I am getting up to 20 phishing emails a day from China. I know they are from China because if I hover the mouse over one of the bogus links in the email I can see that if I clicked on the link I would be taken to a site in China (having looked up these addresses on the Whois Database).

The emails really look like they are from genuine companies, such as Google, Facebook and delivery companies like FedEx. The quality of the emails are very good (i.e. they look very convincing), but when checking the senders email addresses I see that the scammers have used stolen addresses from genuine email accounts.

Therefore I do not know how to block these emails using filters, because clearly if I attempted to block each one of what looks like a genuine email address it would take a very long time.

I have included a screenshot of one of these scammers.

Does anyone have or had a similar problem and have any suggestions as to how to deal with them?


----------



## Cheryl (Jan 28, 2018)

I moved your post so more people will see it. 

You are smart to hover over the links to check out the real url. I get similar spam, but I don’t filter them. I just give it the thumbs down junk status in Mail, then delete. These emails are just like those spam phone calls that fake the incoming phone number. They change the 'from email' daily (if not hourly) and keep trying to get a sucker. You would be spending much of your time setting up filters - or figuring out what to filter only to get more because the spammers will change their set up. 

I don’t bother with the unsubscribe link either - if there is one. That just tells them they have a live person reading their emails. Just delete. 

And no, they can not tell if you opened or read their emails. They only succeed if your click on their links.


----------



## Rhisiart (Jan 28, 2018)

Cheryl said:


> I moved your post so more people will see it.
> 
> You are smart to hover over the links to check out the real url. I get similar spam, but I don’t filter them. I just give it the thumbs down junk status in Mail, then delete. These emails are just like those spam phone calls that fake the incoming phone number. They change the 'from email' daily (if not hourly) and keep trying to get a sucker. You would be spending much of your time setting up filters - or figuring out what to filter only to get more because the spammers will change their set up.
> 
> ...



Thanks Cheryl. Actually the 'unsubscribe' links are also bogus and will result in a can of worms if clicked on.


----------



## Satcomer (Jan 30, 2018)

Over the years I have made it a policy to NEVER click on link inside an email! Plus I don't open attachments in emails unless I'm expecting one! This have kept me safe at work (Windows machine) and home (Mac) over the years! If you follow these personal steps you could be safe too!


----------



## ScottW (Jan 30, 2018)

Usually, the content of the emails are largely the same, so you can look through them and pick out the content that is similar, then set up a rule to scan for the message body for matches and then move to your spam bucket or trash folder automatically. Pick a phrase that is most likely not to ever create a false positive for you. You can always add a safeguard to the rule by simply negating any emails that are from folks in your address book or previous emails you have sent an email too.

I've been a big fan of SaneBox and have used it for many years. It has many powerful features and self-learning rules that allow your mailbox to be managed, whether or not your main mail reader is active and connected and running all the time. While there are ways to have emails auto-deleted and new features, based on subject or I believe body text, there is not "spam filter" provided in the service, but it can scan your spam folder for any potential false positives and alert you to that. Why I love SandBox is that it keeps the noise out of my inbox and I don't have to be diligent about keeping rules up-to-date on my mail app to keep it that way.


----------



## Rhisiart (Jan 30, 2018)

Satcomer said:


> Over the years I have made it a policy to NEVER click on link inside an email! Plus I don't open attachments in emails unless I'm expecting one! This have kept me safe at work (Windows machine) and home (Mac) over the years! If you follow these personal steps you could be safe too!



I don't click on links in an email.


----------



## Rhisiart (Jan 30, 2018)

ScottW said:


> Usually, the content of the emails are largely the same, so you can look through them and pick out the content that is similar, then set up a rule to scan for the message body for matches and then move to your spam bucket or trash folder automatically. Pick a phrase that is most likely not to ever create a false positive for you. You can always add a safeguard to the rule by simply negating any emails that are from folks in your address book or previous emails you have sent an email too.
> 
> I've been a big fan of SaneBox and have used it for many years. It has many powerful features and self-learning rules that allow your mailbox to be managed, whether or not your main mail reader is active and connected and running all the time. While there are ways to have emails auto-deleted and new features, based on subject or I believe body text, there is not "spam filter" provided in the service, but it can scan your spam folder for any potential false positives and alert you to that. Why I love SandBox is that it keeps the noise out of my inbox and I don't have to be diligent about keeping rules up-to-date on my mail app to keep it that way.



Thanks Scott. Good advice!


----------



## Doctor X (Feb 24, 2018)

I usually block the IPs. If someone from China wishes to correspond with me, I have previously made their acquaintance.

A major problem is *Gmail* which has nonexistent filtering. "Block" just send it to a "Spam" assuming it does not simply send it right to your Inbox. There is no way to block IPs. You will find, with experience, certain IPs are notorious which is why I have little spam on clients that allow that block.

--J.D.


----------



## Cheryl (Feb 24, 2018)

Blocking IPs can only go so far. They can fake IPs or use what appears to be roaming IPs. Each attempt to send an email (or post to a forum) will show a totally different IP. They do the same with email addresses - and phone calls for that matter. I had a scam phone call that actually used my own phone number to show up on caller ID. 

Here’s a recent video that an Oklahoma sheriff received:  http://kfor.com/2018/02/23/watch-irs-scammer-calls-oklahoma-county-deputy/


----------



## Satcomer (Jun 21, 2018)

I’ve come to conclusion that this will become worse in the future sense it seem many (including small businesses) are going to Cloud (Gmail, iCloud only) and forgoing the computer email client! So we have less tools to stop the spam reaching you!


----------



## Doctor X (Jun 21, 2018)

I blame the teeny-boopers with their bobby socks, hot rods, and the rock and roll.

And Chad.

Because Chad.

--J.D.


----------



## WrathMason (Nov 5, 2018)

I am getting up to 20 phishing emails a day from China. I know they are from China because if I hover the mouse over one of the bogus links in the email I can see that if I clicked on the link I would be taken to a site in China (having looked up these addresses on the Whois Database). 

Thanks for it


----------



## Doctor X (Nov 5, 2018)

You can report them to www.phishtank.com.

--J.D.


----------

