Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
Yahoo!

Journal damn_registrars's Journal: Does Yahoo Even Care Anymore? 4

Journal by damn_registrars
I'm certainly not the only person who has seen spam and phishing emails that were made possible by our buddies at yahoo.com and their free email service. And I recall a time when sending complaints about either to

abuse@yahoo.com

actually resulted in account shutdown and useful actions taken by yahoo.

It seems, however, that time is gone. Not sure how long ago it went away but it no longer seems to exist. Last week I received a phishing email with a reply-to address of

federal_bureau_investigationdept@yahoo.com

Which of course was impersonating someone from the FBI. This particular scam seemed to be a derivative of the classic Nigerian 419 scam. The person or people behind it were trying to pose as FBI agents monitoring people who were moving money around with Nigerians.

At any rate, I forwarded the message, with headers, to our friends at yahoo.com. Twice they replied complaining that I sent the message as an attachment rather than inline (I used the default method for including headers in pine). So then I resent it, inline. They then replied

At this point I should also mention that the problem was not in the headers - I forwarded with the headers because yahoo won't even look at an email sent to abuse@yahoo.com if it doesn't have the headers (or isn't sent in-line). What I was trying to bring to their attention was the fact that a yahoo.com address was used for the reply-to, and was hence the recipient of the identity information that people may have been sending.

I understand your frustration in receiving unsolicited email. While we investigate all reported violations against the Yahoo! Terms of Service (TOS), in this particular case the message you received was not sent through the Yahoo! Mail system.

Which was something I already knew. Of course these conclusions could only be come to if they scanned the headers and ignored the body. Which is probably why the same automated message also said

Yahoo! has no control over activities outside its service, and therefore we cannot take action. You may try contacting the sender's email provider, by identifying the sender's domain and contacting the administrator of that domain. The sender's provider should be in a better position to take appropriate action against the sender's account.

Which of course only goes further from what I was trying to accomplish. Of course I already knew that the email didn't come from yahoo.com. My complaint to them was over the email address that it was asking replies to go to. Their attempt to "personalize" the reply at the end was somewhat amusing:

Please let me know if you still need assistance so I may assist you further.

Your patience during this process is greatly appreciated.

Thank you again for contacting Yahoo! Mail.

Regards,

Jean

As if placing a random name at the end will somehow convince me that a human being read my message. I sent a reply to this - which only goes back to abuse@yahoo.com - to see if there was anyone there once a ticket was opened (though I already have reason to believe that is not the case).

I can say to their credit, however, that the email address

federal_bureau_investigationdept@yahoo.com

does not exist at the current time. That of course doesn't mean that it didn't exist before - it likely did and someone probably made off fairly well with it. I sent an email to that address today and was returned with a 554 error.

Though the real question is how long did it take yahoo to pull their collective heads from their collective asses on this one address and shut it down.


Edit: I was likely not clear enough that the problem with the email I was trying to bring to yahoo's attention was not in the headers per say. The email was not delivered by a yahoo.com server or through a yahoo.com address. Rather, the email was asking for identifying information to go to a yahoo.com address.

This discussion has been archived. No new comments can be posted.

Does Yahoo Even Care Anymore? More

Does Yahoo Even Care Anymore?

Comments Filter:
  • The header could have been spoofed. When I had the domain mcgrew.info I got a LOT of angry email from people thinking I'd sent them spam, from addresses I hadn't even set up.

    • The header could have been spoofed

      This probably means I didn't do a very good job explaining this email. I was trying to get yahoo's attention about it because the message itself was asking people to reply to the bogus fbi address that was actually a yahoo.com address. The culprits behind it didn't need to fake the headers, since they didn't use them anyways.

      My frustration with yahoo was that the address that was receiving the replies from this was a yahoo.com address. Like most spam / phishing emails the message itself was sent thro

      • Re: (Score:2)

        by mcgrew ( 92797 ) *
        Ah, then your post makes more sense. You should edit it to make that more clear.

        • You should edit it to make that more clear.

          Just did that now. Thanks for pointing that out - I have a habit of writing ambiguously at times.

Slashdot Top Deals

"Consequences, Schmonsequences, as long as I'm rich." -- "Ali Baba Bunny" [1957, Chuck Jones]

Close