Hotmail

[Jim]

Is it just me, or has there been a significant increase in the number of
fraudulent phishing type scams on the Hotmail service bulk email folder?
dUh...when are they going to do something about it?! I usually would submit
these to abuse@hotmail.com or whichever mail service I am using at the time.
At Hotmail the complaint gets the auto-response of no action taken. It is
almost as if by elimination they are looking for who we don't have an
account with...

 

[Shenan Stanley]

Jim wrote:
> Is it just me, or has there been a significant increase in the
> number of fraudulent phishing type scams on the Hotmail service
> bulk email folder? dUh...when are they going to do something about
> it?! I usually would submit these to abuse@hotmail.com or whichever
> mail service I am using at the time. At Hotmail the complaint gets
> the auto-response of no action taken. It is almost as if by
> elimination they are looking for who we don't have an account
> with...


Spam and phishing - no matter what anyone does will get worse and worse.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

 

[PA Bear [MS MVP]]

[Crossposted to Internet Mail newsgroup]

You could tweak your Junk Mail, etc., filters. See links here:
http://emailsupport.spaces.live.com/blog/cns!5D6F5A79A79B6708!5828.entry
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

Jim wrote:
> Is it just me, or has there been a significant increase in the number of
> fraudulent phishing type scams on the Hotmail service bulk email folder?
> dUh...when are they going to do something about it?! I usually would
> submit
> these to abuse@hotmail.com or whichever mail service I am using at the
> time.
> At Hotmail the complaint gets the auto-response of no action taken. It is
> almost as if by elimination they are looking for who we don't have an
> account with...

 

[S. Pidgorny]

The OP reported that the ncreased activity is observed in the Bulk Email
folder. That means the filters are doing decent job - otherwise spam would
end up in the inbox.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:eOICTlUuIHA.1772@TK2MSFTNGP03.phx.gbl...
> [Crossposted to Internet Mail newsgroup]
>
> You could tweak your Junk Mail, etc., filters. See links here:
> http://emailsupport.spaces.live.com/blog/cns!5D6F5A79A79B6708!5828.entry
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
> AumHa VSOP & Admin http://aumha.net
> DTS-L http://dts-l.net/
>
> Jim wrote:
>> Is it just me, or has there been a significant increase in the number of
>> fraudulent phishing type scams on the Hotmail service bulk email folder?
>> dUh...when are they going to do something about it?! I usually would
>> submit
>> these to abuse@hotmail.com or whichever mail service I am using at the
>> time.
>> At Hotmail the complaint gets the auto-response of no action taken. It is
>> almost as if by elimination they are looking for who we don't have an
>> account with...
>

 

[PA Bear [MS MVP]]

True, but OP could create filters such that none of these messages would end
up in Bulk/Junk Mail folder to begin with.

S. Pidgorny <MVP> wrote:
> The OP reported that the ncreased activity is observed in the Bulk Email
> folder. That means the filters are doing decent job - otherwise spam would
> end up in the inbox.
>
>> [Crossposted to Internet Mail newsgroup]
>>
>> You could tweak your Junk Mail, etc., filters. See links here:
>> http://emailsupport.spaces.live.com/blog/cns!5D6F5A79A79B6708!5828.entry
>> --
>> ~Robear Dyer (PA Bear)
>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
>> AumHa VSOP & Admin http://aumha.net
>> DTS-L http://dts-l.net/
>>
>> Jim wrote:
>>> Is it just me, or has there been a significant increase in the number of
>>> fraudulent phishing type scams on the Hotmail service bulk email folder?
>>> dUh...when are they going to do something about it?! I usually would
>>> submit
>>> these to abuse@hotmail.com or whichever mail service I am using at the
>>> time.
>>> At Hotmail the complaint gets the auto-response of no action taken. It
>>> is
>>> almost as if by elimination they are looking for who we don't have an
>>> account with...

 

[Jim]

Thanks to all of you for your responses.

I have been running on "custom" high security settings lately [US-CERT] and
this makes
visiting windows live/hotmail difficult, but not impossible too place in
Trusted zone. I do use MSOEv.6 and sometimes TB.
*_The HTTP server does not allow message rules from these applications.

Although a Trusted Z [what is the best wildcard?] is not difficult to
perform for browser access purposes, I do
not see in the filter list a way to exclude numerous financial groups from
the junk/bulk folder. If I run with privacy settings at medium-high, this is
pretty good and functional. Currently I have "custom" privacy settings too,
e.g. session/prompt. I also use AS online scan/filtering of tracking cookies
and spy/adware. I cleanboot the system every week with maintenance.

I do not read any real descriptive information in those emails, only the
classic phish/ fraud come-on. It would be nice if Hotmail would filter these
out of even the junk mail folder. I like to keep Hotmail open to the outside
world.

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:eOICTlUuIHA.1772@TK2MSFTNGP03.phx.gbl...
> [Crossposted to Internet Mail newsgroup]
>
> You could tweak your Junk Mail, etc., filters. See links here:
> http://emailsupport.spaces.live.com/blog/cns!5D6F5A79A79B6708!5828.entry
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
> AumHa VSOP & Admin http://aumha.net
> DTS-L http://dts-l.net/
>
> Jim wrote:
> > Is it just me, or has there been a significant increase in the number of
> > fraudulent phishing type scams on the Hotmail service bulk email folder?
> > dUh...when are they going to do something about it?! I usually would
> > submit
> > these to abuse@hotmail.com or whichever mail service I am using at the
> > time.
> > At Hotmail the complaint gets the auto-response of no action taken. It
is
> > almost as if by elimination they are looking for who we don't have an
> > account with...
>

 

[N. Miller]

On Mon, 19 May 2008 13:56:42 -0400, Jim wrote:

> I do not read any real descriptive information in those emails, only the
> classic phish/ fraud come-on. It would be nice if Hotmail would filter these
> out of even the junk mail folder.

Eh? The whole purpose of the Junk folder is to hold suspicious email for
evaluation against possible false positives.

> I like to keep Hotmail open to the outside world.

You want to have your cake, and eat it, too. Can't be done. If anybody had
discovered a 100% reliable method of blocking spam (as contrasted with just
filtering it), they'd be rich, and the spammers out of business.

--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

 

[Jim]

I said an increase in the incidents of phish/fraud in the junk/bulk folder.
Things to be reported to Abuse@hotmail.com and/or www.Abuse.net

"N. Miller" <anonymous@msnews.aosake.net> wrote in message
news:ke760n3qldrd$.dlg@msnews.aosake.net...
> On Mon, 19 May 2008 13:56:42 -0400, Jim wrote:
>
> > I do not read any real descriptive information in those emails, only the
> > classic phish/ fraud come-on. It would be nice if Hotmail would filter
these
> > out of even the junk mail folder.

...dUh... and Eh? seem similar enough. Why burden the end user with known
stuff?

> Eh? The whole purpose of the Junk folder is to hold suspicious email for
> evaluation against possible false positives.
>
> > I like to keep Hotmail open to the outside world.
>
> You want to have your cake, and eat it, too. _ If anybody had
> discovered a 100% reliable method of blocking spam (as contrasted with
just
> filtering it), they'd be rich, and the spammers out of business.
That's why I bake a cake, to eat it.
> --
> No man.
> ~Oh Lord, why have you come
> John 8:32

The Bayesian technique is helpful in convergence filtering. A database with
one to one correspondence of the results. IP identifiers that traceroute.
All that server side. Contact local authorities. Certainly most are outside
US like (Largos Nigeria the new Chicago)... but a little sweetening of the
pie [our State Dept.] in order to curb the activity usually works there.
Despite what some might think about Largos, many of these people are smart
and creative in this crime. The US does quite a lot of biz there.$. Lastly,
this is crime and not just in this country. It has persisted for some time
now and needs to be kicked up a notch.

 

[S. Pidgorny]

G'day:


"N. Miller" <anonymous@msnews.aosake.net> wrote in message

> You want to have your cake, and eat it, too. Can't be done. If anybody had
> discovered a 100% reliable method of blocking spam (as contrasted with
> just
> filtering it), they'd be rich, and the spammers out of business.

Not really. I know a way: only accept messages that are digitally signed by
explicitely trusted correspondents.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

 

[Jim]

I would do that with a personal CA, unfortunately the Digital ID connect
button in msoev.6 ~ is not connecting to anywhere. I went back to Thawte and
they wanted me to tweak the browser into an unsafe mode allowing many active
x and scripting etc. I happen to have an older os, win98se and I like it,
but I have not found a CA since the early 2k days. Currently I rely on the
trusted root and intermediate CA providers in the cert store on board. As
gas prices go up and up I think I will need to get one to save on certain
long biz trips to the Farm Service Agency just to sign contracts. You would
think that the U.S. Government would be up to snuff on these things by
now...ha!
"S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
news:%23ZRIYZxuIHA.516@TK2MSFTNGP04.phx.gbl...
> G'day:
>
>
> "N. Miller" <anonymous@msnews.aosake.net> wrote in message
>
> > You want to have your cake, and eat it, too. Can't be done. If anybody
had
> > discovered a 100% reliable method of blocking spam (as contrasted with
> > just
> > filtering it), they'd be rich, and the spammers out of business.
>
> Not really. I know a way: only accept messages that are digitally signed
by
> explicitely trusted correspondents.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>
>

 

[Jim]

I see how to change the trust status of a digital id, but I do not see how
you set the message rules. Also, Hotmail is not allowing the message rules
to work with the http sever. At least the last time I tried to block stuff
that is what happen.

"S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
news:%23ZRIYZxuIHA.516@TK2MSFTNGP04.phx.gbl...
> G'day:
>
>
> "N. Miller" <anonymous@msnews.aosake.net> wrote in message
>
> > You want to have your cake, and eat it, too. Can't be done. If anybody
had
> > discovered a 100% reliable method of blocking spam (as contrasted with
> > just
> > filtering it), they'd be rich, and the spammers out of business.
>
> Not really. I know a way: only accept messages that are digitally signed
by
> explicitely trusted correspondents.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>
>

 

[PA Bear [MS MVP]]

[Right pew, wrong church: OE Message Rules are not applied WebDAV/HTTP mail,
only POP3 mail.]

Jim wrote:
> ...Also, Hotmail is not allowing the message rules
> to work with the http sever...

 

[N. Miller]

On Thu, 22 May 2008 16:45:23 -0400, Jim wrote:

> I see how to change the trust status of a digital id, but I do not see how
> you set the message rules. Also, Hotmail is not allowing the message rules
> to work with the http sever. At least the last time I tried to block stuff
> that is what happen.

The only rules which apply to Hotmail are the ones set on the server. You
*can* create rules through the web access, but you can't set rules in MSOE
on HTTPMail, or IMAP account.

--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

 

[Jim]

yes,
I meant msoe is not allowed to apply message rules on the http hotmail
server. It is working on my other pop3 accounts though and most private ssl
etc. biz goes on with those accounts. I save Hotmail for specifically
connecting with the outside world and the other for the inner world of
family biz and people I have a specific extended biz relationship with. I
can rig Hotmail this way, but have not lately.

I had a cert long ago, ~2k Thawte freemail personal, but have since found it
difficult connect to the approved MS websites and have relied on the trusted
root CA in the store onboard for ssl. I do not know why the link is not
working for me and I have seen some website at MS for this function. I could
also use the bank, which I believe have CA and notary ability. All of my
pop3 mail goes thru ssl so I don't need it...this I am not certain of, but I
am assuming there is no real need of a personal CA there.

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:Ox5%23XdQvIHA.2068@TK2MSFTNGP05.phx.gbl...
> [Right pew, wrong church: OE Message Rules are not applied WebDAV/HTTP
mail,
> only POP3 mail.]
>
> Jim wrote:
> > ...Also, Hotmail is not allowing the message rules
> > to work with the http sever...
>

 

[Jim]

thanks,

"N. Miller" <anonymous@msnews.aosake.net> wrote in message
news:qai63u3eywi2.dlg@msnews.aosake.net...
> On Thu, 22 May 2008 16:45:23 -0400, Jim wrote:
>
> > I see how to change the trust status of a digital id, but I do not see
how
> > you set the message rules. Also, Hotmail is not allowing the message
rules
> > to work with the http sever. At least the last time I tried to block
stuff
> > that is what happen.
>
> The only rules which apply to Hotmail are the ones set on the server. You
> *can* create rules through the web access, but you can't set rules in MSOE
> on HTTPMail, or IMAP account.
>
> --
> Norman
> ~Oh Lord, why have you come
> ~To Konnyu, with the Lion and the Drum

 

[PA Bear [MS MVP]]

> I meant msoe is not allowed to apply message rules on the http hotmail
> server.

It's really not a question of "being allowed," it's the fact that it OE
doesn't do it.


Jim wrote:
> yes,
> I meant msoe is not allowed to apply message rules on the http hotmail
> server. It is working on my other pop3 accounts though and most private
> ssl
> etc. biz goes on with those accounts. I save Hotmail for specifically
> connecting with the outside world and the other for the inner world of
> family biz and people I have a specific extended biz relationship with. I
> can rig Hotmail this way, but have not lately.
>
> I had a cert long ago, ~2k Thawte freemail personal, but have since found
> it
> difficult connect to the approved MS websites and have relied on the
> trusted
> root CA in the store onboard for ssl. I do not know why the link is not
> working for me and I have seen some website at MS for this function. I
> could
> also use the bank, which I believe have CA and notary ability. All of my
> pop3 mail goes thru ssl so I don't need it...this I am not certain of, but
> I
> am assuming there is no real need of a personal CA there.
>
> "PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
> news:Ox5%23XdQvIHA.2068@TK2MSFTNGP05.phx.gbl...
>> [Right pew, wrong church: OE Message Rules are not applied WebDAV/HTTP
>> mail, only POP3 mail.]
>>
>> Jim wrote:
>>> ...Also, Hotmail is not allowing the message rules
>>> to work with the http sever...

 

[Jim]

Thanks for clarifying that point.

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:epm7i9FwIHA.5472@TK2MSFTNGP06.phx.gbl...
> > I meant msoe is not allowed to apply message rules on the http hotmail
> > server.
>
> It's really not a question of "being allowed," it's the fact that it OE
> doesn't do it.
>
>
> Jim wrote:
> > yes,
> > I meant msoe is not allowed to apply message rules on the http hotmail
> > server. It is working on my other pop3 accounts though and most private
> > ssl
> > etc. biz goes on with those accounts. I save Hotmail for specifically
> > connecting with the outside world and the other for the inner world of
> > family biz and people I have a specific extended biz relationship with.
I
> > can rig Hotmail this way, but have not lately.
> >
> > I had a cert long ago, ~2k Thawte freemail personal, but have since
found
> > it
> > difficult connect to the approved MS websites and have relied on the
> > trusted
> > root CA in the store onboard for ssl. I do not know why the link is not
> > working for me and I have seen some website at MS for this function. I
> > could
> > also use the bank, which I believe have CA and notary ability. All of my
> > pop3 mail goes thru ssl so I don't need it...this I am not certain of,
but
> > I
> > am assuming there is no real need of a personal CA there.
> >
> > "PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
> > news:Ox5%23XdQvIHA.2068@TK2MSFTNGP05.phx.gbl...
> >> [Right pew, wrong church: OE Message Rules are not applied WebDAV/HTTP
> >> mail, only POP3 mail.]
> >>
> >> Jim wrote:
> >>> ...Also, Hotmail is not allowing the message rules
> >>> to work with the http sever...
>