You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by hg user <me...@gmail.com> on 2023/02/15 19:50:19 UTC

How is this phishing attack called?

And how to intercept?

From time to time we receive a message that is a reply-to to an old
message, sometimes after months, with just several lines added at the top
inviting to open a url or attachment.

Has this kind of phishing a name?
How can I prevent it or at least flag it for review?

Thank you

Re: How is this phishing attack called?

Posted by Jared Hall <ja...@jaredsec.com>.

On 2/15/2023 2:50 PM, hg user wrote:
> And how to intercept?
>
> From time to time we receive a message that is a reply-to to an old 
> message, sometimes after months, with just several lines added at the 
> top inviting to open a url or attachment.
>
> Has this kind of phishing a name?

QakBot and Emotet malware bots all do this.  They've been battered, but 
they're still around.  Deceptively clever.

> How can I prevent it or at least flag it for review?

For some starters: Keep AntiVirus scanning software updated.  Use the 
OpenPhish and PhishTank URL lists.  Use URI RBL's.

>
> Thank you

-- Jared Hall