Processing phishing emails - Rainbow Digital Media

In the past I have simply consigned phishing emails to the junk folder, and many still end up there today, but we do need to take more active steps to ensure phishing sites have a hard time staying in business. The gov.uk website now has a portal for reporting phishing and so forwarding problem emails to report@phishing.gov.uk so this should be the first port of call for any problem emails, rather then just the trash can. But can we do any more?

I have in the past also forwarded to any contact details of websites used to serve up the fraudulent web pages. The legitimate host of the domain may well not be aware that the activity is being hosted on their domain and so in the past warnings usually got a courtious reply and the content was cleared. That the content was there is often due to other illegal activity such as the site having been hacked, although in the past some sites have been cloned and the whole thing is a scam. These are the domians that nowadays get picked up by the blocking services and your browser may well give a warning page rather then any problem content.

Nowadays the hosting tends to be hidden behind other services such as provided by google. Services that provide 'shortend url's (which I have never seen the point of) were popular for a time, but still forward to a real problem one. Reporting short url's to that service always has a fast response. One of my recent emails is using a service on ipfs.io to hide the location and after a little digging it became apparent that this service has it's own abuse service and in addition to forwarding to the gov.uk mailbox, these emails should be forwarded to abuse@ipfs.io as well.

In the past I seem to remember Firefox having a link to report the problem URL's to update their filtering database, but that seems to have disappeared and you can only report pages that are not working correctly in Firefox. Something else to dig into at some point. Although google's reporting page is still around. It's a pity I use DudkDuckGo instead to avoid all the crap google spews out, and that has opened another thread to follow.