Spam & Phishing e-mail submission and collection

Business / Enterprise Security Products & Services Comodo AntiSpam Gateway - Hosted Anti Spam Service
1

Good day all,

As part of our efforts in Comodo Antispam Laboratory (CASL), we’re working on a 24/7 basis for the protection of our customers from spam and phishing emails and related threats. As part of the global “Threat Intelligence Laboratory”, in CASL we focus much on the proactive protection of phishing and spam, and our goal is to prevent threats before reaching our users. Recently we monitor that we’re short in finding new sample emails (spam or phishing) to analyze and develop prevention methods (that’s very good from one perspective but not from the other :))

For this reason, we have two requests from the community here in this forum, which helped much till now and continues to help us to improve our products and services.
1- we have created an email to report especially phishing attacks. “phishingalert[atbp]avlab.comodo.com” is the address where you may submit all kind of phishing emails you see as a threat. Whether it is from our products or not, we’ll be glad to analyze them. It is possible to just forward emails you receive, but in terms of better investigation, and thorough analysis we would prefer if you add the email as an attachment and send accordingly.

2- I find this request more effective and important than the first one: we are currently analyzing millions of emails per day, to identify new threats or spams. However, we need more and up-to-date spam/phishing emails, that targets real users. If you have some email accounts that you do not use anymore, that are full of spam or promotional emails, and open to use please send us these accounts information, so that we can utilize them for a good purpose. These are small honeypots for our data collection system and the intelligence we can build on.

We would be happy to get response to these 2 requests, as well as new ideas and suggestions.

Thank you for your support and cooperation

Kind regards

mod edit x 2: fixed email address, kail.

2

I’m not sure the email server that’s processing these emails is that thrilled about receiving phishing emails. 88)

554 Rejected: mail contains virus (in reply to end of DATA command
3

Too much thrill caused panic may be :slight_smile:

I’m fixing this. Will inform about updates.

4

You may use phishingalert[atbp]avlab.comodo.com

mod edit: fixed email address, kail.

5

That seems to work now. :slight_smile:

Any restrictions on the emails?

I would prefer to send the full email source, not decoded, in the body of an email from me. Is that OK?

6

sure, any format is ok.

7

Is sending multiple suspect emails per email allowed? If so, what delimiter between the emails would you like to see?

8

Single email per email is preferred. But if you want to submit multiple, you may put in an archive file or add them as separate attachments (as msg or eml file)

9

I’m currently just copying ‘n’ pasting the full email text as it was received from the POP server without any additional steps/software. Since I know (99.99%) that all of these are phishing emails (at best), I feel this is safer (for me).

10

Best way is to give an option to select spam messages and report to Comodo. This saves lot of time and will also encourage more submissions.

11

can you please be more specific? Do you mean adding a link inside the email as “Report Spam”?

12

something like the attached.

This is from Barracuda spam filter which I used before switching to comodo.

By this way, while going through email logs, I will be able to select all Spam like mails and submit to comodo with one click for inspection and train your filters.

[attachment deleted by admin]