During the run up to Thanksgiving in the USA and of course the whole Black Friday, Small Store Saturday, Cyber Monday shopping extravaganza SPAM in the USA gets increasingly out of control.
You probably have e-mail spam filters, I do. I have many levels of spam filters from those at my ISP to those in my e-mail client and I even use GMail as a pass-through spam filter for some of my e-mail addresses.
Still spam gets through as does text spam. There isn't a fantastic amount you can do about e-mail spam if it makes it to your mailbox other than marking it as spam in a hope to train you spam filters. With SMS spam there are things you can do, at least in the US.
Forward the text message to "SPAM" (AKA: 7726) and your carrier will ask for the senders contact details. This is hopefully a surefire way to get them banned by the networks. Unfortuantely, like e-mail spam, the source address is quite possibly faked.
There is also ways to report Text Spam to the FTC although other than for statistically purposes I suspect this is useless.
Most unwanted text messages are annoying but harmless, like this one I received yesterday:
It was for a ghost writing service and I gave them a hard time about spamming me, then reported their text message.
Today however I received the following:
This one is not so harmless. I quick look indicates that it is probably a fake Wells Fargo Phishing Page. Sure enough it looks like this:
Obviously I'm smart enough to ignore this. Forward the text spam to AT&T so they can cut off their number and go on living my life.
Alternatively I can "do my bit" to stop others from falling victim to the phish.
A quick check of the domain shows that it was hosted by Quadranet Enterprises Llc in Dallas and created today with a brand new DNS entry. I contacted them via chat, they referred me to their abuse e-mail. I emailed [email protected] and an hour later received this:
Wonderful, Google bounced the e-mail message because it referred to a phishing site. I contacted Quadranet again and they said I should try a different e-mail address. At this point I got rather ranty about the fact that the guy (John) at the other end of the chat could have handled it for me but as he was "in Sales" it wasn't his department and didn't want to be helpful.
I used another (non-Googled based) e-mail address and sent them a message, this time it got through, with this response:
Our typical reaction time is 72 hours. If your abuse issue isn't handled within 96 hours please respond to this message or call us at: +1 213-614-9371 x1
Maybe I should have tried Twitter, seriously people, do hosting companies not really care.
While all this was happening I did what I should have done first, which is the
Number 1 thing to do when you discover a phishing site
Report it to Google, here: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
Do that and news travels at the speed of the Internet.
Use Chrome and you'll get:
Try Safari, you'll get:
Try FireFox, you'll get the warning eventually as the information trickles from Google to them. They and Microsoft Edge are slower to respond but do get there.
All in all Google / Chrome seems to be doing the best to protect users. Hosting companies not so much. Often I try to get the DNS entries killed and have had some luck with this, except GoDaddy who really don't care about anything other than $$$.
If you get spam, please report it. Spam is never going to stop but at least you can stop somebody else having to suffer too.