[SC-Help] Paypal/Ebay reporting error (deputies?)

[Mike Easter]

Blammo wrote:
> Mike Easter

>> Actually there are guidelines at phish help sites for how to go about
>> notifying about phishes, including central phish places.  In fact,
>> sometimes /only/ the central phish place wants to know, and the phish
>> entity doesn't want to know/ care/ about the/your spam problem.
>
> Some of these places want you to go through too much trouble, you
> have to find the page, read the instructions, then do it their way
> which is often copy-paste bologna.

Very true;  once you figger out that the phishbait isn't at all
interested in the spamscam you've received about them, you pretty much
lose interest in notifying them about it.  Which I think is just fine
with them.

A high percentage of them feel that they don't want their customers to
get scammed, but they aren't at all interested in all of that spam.
They would like to develop themselves something at their website that
they feel is helpful and preventative of problems, but they do not want
to be receiving notification of all of those phishes.  The assumption
that the spamee makes that they want to hear about it is largely
unjustified.  Some of them apparently want to hear about everything, but
not many.

That's why I say that each person who wants to notify the phishbait
about the spam shouldn't assume that they should do that, but should
familiarize themselves with the particulars of a few popular ones.

> But I've sent user reports via Spamcop to
> spoof at paypal.com, and I don't see a problem with that.

That's what we are discussing.  I'm talking about the problem with that.
By the definitions of what is a spamvertiser and what is an IB, paypal
is an IB in a phish.  The fact that spamcop and paypal are 'cooperating'
and offering that spoof address is an unfortunate 'misdirection' because
it is inappropriate.

It, SC's reporting of paypal the IB as a spamvertiser to the paypal
spoof address, is an inappropriate usage of the spoof address and it
makes it look like all phish related SC reports should 'generally'
report the phishbait as if it were a spamvertiser, when that isn't the
general case at all, but some kind of special cooperation between paypal
and SC.  My thinking is that paypal doesn't want them at all, and it
certainly doesn't want them sent to a 'normal' paypal abuse address.  I
expect that paypal and SC have agreed to have SC reports about paypal
spamvertisements go to the spoof address and then everything from SC to
spoof is bit bucketed.

So, the problem with that business of inappropriate misdirection is that
it might cause appropriate paypal spamvertiser notifies to go into the
same bitbucket with the inappropriate phishbait ones.

> It's not
> reporting the URL, but the eMail as a spoof.

No, it /is/ reporting the url as a spamvertised url.  That's what a
spamcop report about a URL is.  If a person is a paid reporter, it would
be appropriate to uncheck the paypal phishbait address and then add it
back in as an additional notify, since the additional notify doesn't
represent a provider of a spamsource or a spamvertiser, but simply an
additional notify for some other reason.  In the case of the phishbait,
the other reason is because it is phishbait.

> I've done a CC to them,
> but it's usually easier to use Spamcop, since I'm reporting it anyway.


-- 
Mike Easter
kibitzer, not SC admin