Antivirus Software
  1. Home
  2. Computing & Technology
  3. Antivirus Software
photo of Mary Landesman
Mary's Antivirus Software Blog

By Mary Landesman, About.com Guide to Antivirus Software since 2000

How to Report a Phishing Scam

Wednesday March 28, 2007
A phishing scam email tries to trick you into clicking a link which leads to a spoofed website that only looks like the real bank or ecommerce site. If you enter your login details on the fake website, your username and password will be sent to the attackers. Using this method, attackers gain not only the login username and password, but quite often trick you into divulging your credit card and other sensitive information as well.

If you've fallen victim to a phishing scam, stop reading now and contact your financial institution(s) immediately by phone or in person.

If you've received a phishing email, haven't fallen victim, but want to report the email, here's how.

  1. You can usually send a copy to abuse@DOMAIN.com where DOMAIN.com signifies the company to which you are directing the email. For example, abuse@suntrust.com is the email address for sending phishing emails purporting to be from SunTrust Bank.
  2. If in the United States, you can also forward a copy to the Federal Trade Commission (FTC) using the address spam@uce.gov.
  3. You can also can visit the real website by using a pre-existing bookmark in your browser or typing the known good URL (link) into your browser. Do not use the link included in the phishing email! Once on the site, look for a viable contact resource. For example, at the very bottom of the page on the eBay website is a link titled "Security & Resource Center". Following that link takes you to a page that instructs you on how to submit "suspicious-looking email that appears to be from eBay or PayPal and you want eBay to take action." If you can't find a specific security resource, try looking for general contact or support contact details on the website.
  4. Do a domain name lookup, referred to as a whois, and get the contact details that way. Keep in mind that whois information is often grossly out-of-date and the email addresses listed therein are frequently unmonitored accounts. But still, it's worth a try. Popular whois servers include APNIC, ARIN, and Network Solutions.

Whichever method you choose, be sure to forward the email as an attachment so that the HTML encoding and header information is preserved; otherwise the email will be of little use for investigative purposes. Here's how to forward email as an attachment.

Leave a Comment
Comments
April 1, 2007 at 12:40 am
(1) Eizoh says:

I figured out how to get this off your computer if you become infected, it’s really rather simple but you have to be quick. Restart your computer or log off, and when you come back on, immediately go to the start bar and look in your program list. There should be a folder called startup, and the 00mpa l00mpa program should be located in there. You must delete it quickly, or else you wont have another chance unless you restart, because you can’t delete it while it’s playing. For a virus this is an extremely easy removal. Tell everyone you know and feel free to post this anywhere.

April 1, 2007 at 12:45 am
(2) Eizoh says:

Sorry, wrong place. Wasn’t paying attention haha.

Leave a Comment
Leave a Comment

Line and paragraph breaks are automatic. Some HTML allowed: <a href="" title="">, <b>, <i>, <strike>

Explore Antivirus Software
About.com Special Features
Family Tech Center

Stay connected and entertained with reviews on tips on the latest HDTVs, cellphones and more. More >

Connect Your Home Computers

Easy ways to connect two computers for networking purposes. More >

Antivirus Software
  1. Home
  2. Computing & Technology
  3. Antivirus Software

©2009 About.com, a part of The New York Times Company.

All rights reserved.