Ask HN: How best to report phishing emails to a domain holder?
I have received a phishing email from an email address using the Northeastern Illinois University. I cannot find and address to which to send an email regarding this and get no response on Twitter.
What is the best way to report this?
14 comments
[ 3.1 ms ] story [ 40.1 ms ] threadIf you wanted to take it another step forward, here are the folks you could probably contact: https://ssb.neiu.edu/mercury_neiuprod/GZKDIRL.P_DISPLAY_DEPT...
Hope this helps.
I've had thousands of spam emails sent with senders listed as nonexistent addresses from one of my domains. They were sent from third-party servers (my servers were not compromised and I had no open relays), and I only found out because of all the bouncebacks from naive receiving servers.
The only thing the domain holder can do at that point is to set up DomainKeys and similar measures - which still won't prevent spammers from using the domain, it'll just cause more of the mail to bounce back as spam.
If it's an spoofed email, send an abuse report to the owner of that originating IP [+], including full headers and full body text.
[+] If the originating IP is from a country you know it won't give a shit, look for the next jump.
Flag as spam and move on with your life.
I'm no longer at an .edu (and so no longer a member of REN-ISAC) but this was a great, quick way to get ahold of someone at another institution quickly.
(n.b.: This goes for pretty much any .edu.)
If not, try abuse, postmaster, webmaster, et al like suggested by others already.