

Ask HN: What can i do with a malicious email? - classicsnoot

My brother has been working in the Film Industry on both coasts for ~10 years, so when he clicked on a link telling him to sign in to verify that he could access important documents [i know, i know...] he ended up blasting ~500 people with the same email. His work, and his reputation, is such that many people, like him, thought it was a script or contract or somesuch. Many people were tagged. I was on the list as well, but it seems obvious to me that anything that asks you to log in to a service you are currently logged into is instinctively a bad idea.

My question is: Is there anywhere i can send the malicious email so that someone can safely look at it and potentially expose the [IMO crafty] jerk who did this? I tried to send it to Google but i could not find a logical place to submit it.

I know this may seem like a pleb tier problem, but there were a lot of people with very sensitive info that potentially got tagged.
======
mtmail
Let's say the person in question had a gmail address and you contact Google
via abuse@ or customer service. They won't investigate much based on a claim
from another user. Maybe delete the user for breaching terms of service, but
expect no follow up.

Best option for you or your brother is going to the police. They have
processes to then ask (again just an example) Google for further information.
That's usually a list of IP addresses and any information the user gave during
sign-up (often fake). The IP addresses might also lead to nothing.

~~~
mtmail
That's also the reason why "cybercrime" is increasing and police force is
asking for more funds. Be it eBay fraud, identity theft or stolen/misdirected
funds from a credit card payment, it's all called cybercrime.

------
xyclos
If the link leads to a phishing page (or some other attack website) it is
usually easy enough to get those taken offline effectively neutralizing the
email. Find out who is hosting the page using a domain lookup tool[1] and
notify those responsible about the site. This doesn't always work, but it's
usually pretty effective.

[1] [http://centralops.net/co/DomainDossier.aspx?net_whois=true](http://centralops.net/co/DomainDossier.aspx?net_whois=true)

------
fabulist
It's hard to really give a meaningful answer without seeing the email. You
could check if the attacker was sloppy, and allowed information to leak in the
email headers, but it's quite likely that your brother was emailed by another
victim.

It's much more important right now to assess the impact, and to contain any
breaches that have occurred. If your brother and his colleagues were infected
by malware upon clicking the link, their IP may be in jeopardy.
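
The header check mentioned in the comment above, as an added example that is not part of the original thread: it lists the relay IPs from the `Received` chain, reads the receiving server's SPF/DKIM/DMARC verdicts, and flags sender-domain mismatches. The message, hosts and IPs are constructed placeholders; `Received` lines below your own provider's relay are sender-controlled and can be forged, and a message sent from another victim's real account will pass these checks.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every address, host and IP is a placeholder
# (example.* domains, RFC 5737 documentation ranges).
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.example.org (mx.example.org [192.0.2.10])
\tby inbox.example.org with ESMTPS; Tue, 02 Jan 2018 10:00:05 +0000
Received: from mailer.example.net (unknown [198.51.100.23])
\tby mx.example.org with ESMTP; Tue, 02 Jan 2018 10:00:03 +0000
Received: from [10.0.0.5] (client.example.net [203.0.113.77])
\tby mailer.example.net with ESMTPSA; Tue, 02 Jan 2018 10:00:01 +0000
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
\tdkim=none; dmarc=fail header.from=studio.example.com
From: "Colleague" <colleague@studio.example.com>
Reply-To: <docs@lookalike.example>
X-Mailer: ExampleMailer 1.0
Subject: Shared document

Please sign in to view the document.
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def domain(addr_header):
    """Return the lower-cased domain part of an address header, or ''."""
    return parseaddr(addr_header or "")[1].rpartition("@")[2].lower()

def triage(raw):
    msg = message_from_string(raw)
    # Each relay prepends its Received header, so reverse for origin-first order.
    hops = [IP_RE.findall(h) for h in reversed(msg.get_all("Received", []))]
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                           msg.get("Authentication-Results", "")))
    from_dom = domain(msg["From"])
    flags = []
    if msg["Reply-To"] and domain(msg["Reply-To"]) != from_dom:
        flags.append("reply-to domain differs from From")
    if domain(msg["Return-Path"]) != from_dom:
        flags.append("envelope sender domain differs from From")
    if auth.get("dmarc") not in (None, "pass"):
        flags.append("dmarc=" + auth["dmarc"])
    return {"hops": hops, "auth": auth, "mailer": msg["X-Mailer"], "flags": flags}
```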

------
alltakendamned
Send it to the CERT of your country. e.g. [https://www.us-cert.gov/](https://www.us-cert.gov/)

