Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: RPM Distros,Mostly Mandrake Forks;Drake Tools/Utilities all the way!GO MAGEIA!!!
Posts: 986
Rep:
Phishing Emails with no included links
I get a few emails a month,both in my in box and in spam that masquerade as a shipper or paypall or the like. They state the issue needs my attention but there are no links in the email.
My question is ,what is the purpose of this? Is this a learning curve for a would be attacker or did it actually serve a purpose?
Thanks for your expertise!
Last edited by theKbStockpiler; 12-07-2018 at 05:57 PM.
I agree that these are probably sent to provoke a reply message, such as responding that the link wasn't included. In addition, if the user allows the download of inline images within their email client, these can be used as a tracking device.
In addition to what has already been suggested (phone number, answer incitement, attachment), one cannot forget that phishing is often done by very low-level delinquents so sometimes the fraudulent links are simply missing (I noticed it some times)...
some phishing mails and other UBE still include arbitrary text, in the headers for example, in the believe that it may fool Bayesian filters and render them inefficient. I had thought the futility of these attempts had become obvious years ago, but I still see it happen...
on the other hand.., I still receive Nigeria-Scums.
Last edited by Michael Uplawski; 12-10-2018 at 04:42 AM.
There is not subject line, but the mail appears to come from Amazon. The sender has not made any effort whatsoever to hide behind falsified addresses or the like.
Are you sure that this is phishing and what tells you so?
This just checks the IP address,correct? I comes up as invalid with a service you don't have to register with.
Could someone point me in the right direction on how to understand the Raw message? I assume it's code with a base of 16 but I'm just guessing. Is there a safe way to view the message without a filter?
Last edited by theKbStockpiler; 12-11-2018 at 04:43 PM.
Is there a safe way to view the message without a filter?
It's not always recommended. A fraudulent email could try to find a vulnerability in your email client and exploit it. Otherwise, it could just try to know if you opened it so your email address is validated and you will receive more spam/phishing or advanced threats like social engineering...
If you really want to open this mail, maybe you could make sure your email client is up-to-date and open the message in text-mode only (no HTML)?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.