[Outages-discussion] AmEx Phishing to Outages Email Address
Jonathan Lassoff
jof at thejof.com
Fri Nov 15 13:27:22 EST 2024
I’m sorry to say, only respectable mailers respect the local name extension.
It is very easy and common for spammers to just slice that extra part of
the string off.
If you’re passionate about leak identification like this, you may need
something that sends any local part to you (e.g. amex at me.example.com)
Ironically, this strategy tends to gather even more spam ;)
On Fri, Nov 15, 2024 at 01:46 Paul M - outages via Outages-discussion <
outages-discussion at outages.org> wrote:
> I ALWAYS use a unique email address for every signup.
>
> Where possible, I use paul+nameofthing@ and let google strip the + and
> everything after. Some services won't accept a + and so I have an catchall
> and account and then use paul-nameofthing and detect the "paul" in the
> email and forward that to my main mailbox. Works well. I used to see a lot
> of spam sent to addresses which could only have been leaked by large
> corporations, not so much now. I can then block addresses which have
> leaked. I use the recipient email address to automatically tag and filter
> emails.
>
> Email which goes directly to me is tagged specifically as direct-to-me.
> This makes it it much easier to read the important stuff from friends, as
> opposed to, say, special offers sent to paul+hotels@
>
>
> _______________________________________________
> Outages-discussion mailing list
> Outages-discussion at outages.org
> https://puck.nether.net/mailman/listinfo/outages-discussion
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages-discussion/attachments/20241115/39515f71/attachment.htm>
More information about the Outages-discussion
mailing list