Phishing Safe Sites
Shawn Iverson
shawniverson at summitgrid.com
Mon Nov 4 20:38:09 UTC 2024
I feel that way about all of Google, not just drive. I'm not sure that
google deserves blanket treatment for any of its subdomains. Maybe it
would be best to drop *.google.com from $safe_domains and require
everyone to manage locally?
On 11/4/24 15:21, Jerry Benton wrote:
>
> Not sure. Having second thoughts on drive.google.com as well. Tracy
> has a good point about it being a source for malware. I see it all the
> time as well.
>
> --
>
> Jerry Benton
>
> www.mailborder.com <http://www.mailborder.com>
>
> +1 843-800-8605
>
> *From: *MailScanner
> <mailscanner-bounces+jerry.benton=mailborder.com at lists.mailscanner.info>
> on behalf of Alex Neuman via MailScanner
> <mailscanner at lists.mailscanner.info>
> *Date: *Monday, November 4, 2024 at 15:06
> *To: *MailScanner Discussion <mailscanner at lists.mailscanner.info>
> *Cc: *Alex Neuman <alex at vidadigital.com.pa>
> *Subject: *Re: Phishing Safe Sites
>
> Would this be the place to add:
> https://<DataCenterLocation>.safelinks.protection.outlook.com
>
> ?
>
>
>
>
>
>
>
> *Alex Neuman*
> *Host / CEO, Vida Digital / Reliant Technologies*
>
> +507 833-7900 <tel:+507+833-7900>
>
>
>
> *|*
>
>
>
> +507 6781-9505 <tel:+507+6781-9505>
>
>
>
> *|*
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> https://vidadigital.com.pa/
> <https://mailtrack.io/l/7ba35feebe84dfbd9bd579c8b30cb95e5ebc759b?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=https%3A%2F%2Fvidadigital.com.pa%2F&u=2636895&signature=565d8f35be1e0787>
>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/1de29c09145987d1a413bb00c922d49fd8f4e0a4?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Fanchor.fm%2Fvidadigital&u=2636895&signature=d993aeb3af2c629a>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/85292bc06c6c8a2c893bd13b7a5188eb88d200bb?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Fwiseintro.co%2Fvidadigital&u=2636895&signature=9235f6a446229fd8>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/6cb34d398335077540d6951c1183161cb3f3c8f1?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Ftiktok.com%2F%40vidadigital&u=2636895&signature=fe6ab5155849f245>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/5af6a1557cfe12ccfc38ad345cf74a60338782d8?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Ffacebook.com%2Fvidadigital&u=2636895&signature=e5bf1226f0700d59>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/7d0614893f69b10161b2a5527992272f145a3c8b?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Finstagram.com%2Fvidadigital&u=2636895&signature=384e89d165b66b8e>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/1bba1d145848dc0f8884845097fe8fc2781f4727?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Flinkedin.com%2Fin%2Falexneuman&u=2636895&signature=3c9addd9371c0c26>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/e7d8be975b3411e102db8d7189f663358670addc?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Ftwitter.com%2Fvidadigital&u=2636895&signature=73eb573e8680cacb>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/30e438fed56df5c2b73fb103c5b36ab1d709a62b?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Fyoutube.com%2Fvidadigital&u=2636895&signature=c8e9aeb59210be1b>
>
>
>
> *MailScanner has detected definite fraud in the website at
> "mailtrack.io". Do /not/ trust this website:*
> <https://mailtrack.io/l/1e5961b7efd6813d9673f3d5c0560e8ccf2be4c5?w=bWFpbHNjYW5uZXJAbGlzdHMubWFpbHNjYW5uZXIuaW5mbw&url=http%3A%2F%2Fpinterest.com%2Fvidadigital&u=2636895&signature=9e74f510f23c70ac>
>
>
>
>
>
> On Mon, Nov 4, 2024 at 1:04 PM Jerry Benton
> <jerry.benton at mailborder.com> wrote:
>
> Ok, I added drive.google.com <http://drive.google.com>.
>
> --
>
> Jerry Benton
>
> www.mailborder.com <http://www.mailborder.com>
>
> +1 843-800-8605
>
> *From: *MailScanner
> <mailscanner-bounces+jerry.benton=mailborder.com at lists.mailscanner.info>
> on behalf of Shawn Iverson via MailScanner
> <mailscanner at lists.mailscanner.info>
> *Date: *Monday, November 4, 2024 at 12:15
> *To: *mailscanner at lists.mailscanner.info
> <mailscanner at lists.mailscanner.info>
> *Cc: *Shawn Iverson <shawniverson at summitgrid.com>
> *Subject: *Re: Phishing Safe Sites
>
> drive.google.com <http://drive.google.com> seems to be a complaint
> I sometimes receive on the MailScanner project because it often
> shows up in Phishtank, and it only takes one bad URL reported to
> Phishtank to cause the entire drive.google.com
> <http://drive.google.com> to get flagged as a bad site.
>
> On 11/4/24 11:52, Jerry Benton wrote:
>
> I was reviewing the build script for the safe and bad sites
> today.
>
> * The safe sites file will contain the top 1500 domains on
> the internet. This will pretty much be static as AWS no
> longer publishes that information. It will be updated in
> the next 4 hours. (Currently empty.)
> * The bad sites file is still updated every 4 hours from
> phishtank with the latest nefarious sites.
> * The safe domains used while building the script are below.
> If you have any suggestions to add to that list, let me
> know. No, I will not add your personal domain. You can use
> the custom safe sites list in MailScanner for that.
>
> # common short url providers
>
> $safe_domains[] = 'adf.ly <http://adf.ly>';
>
> $safe_domains[] = 'bit.ly <http://bit.ly>';
>
> $safe_domains[] = 'doiop.com <http://doiop.com>';
>
> $safe_domains[] = 'fur.ly <http://fur.ly>';
>
> $safe_domains[] = 'goo.gl <http://goo.gl>';
>
> $safe_domains[] = 'is.gd <http://is.gd>';
>
> $safe_domains[] = 'mcaf.ee <http://mcaf.ee>';
>
> $safe_domains[] = 'ow.ly <http://ow.ly>';
>
> $safe_domains[] = 'snipurl.com <http://snipurl.com>';
>
> $safe_domains[] = 'su.pr <http://su.pr>';
>
> $safe_domains[] = 'tinyurl.com <http://tinyurl.com>';
>
> $safe_domains[] = 'v.gd <http://v.gd>';
>
> $safe_domains[] = 'tiny.cc';
>
> $safe_domains[] = 'tr.im <http://tr.im>';
>
> $safe_domains[] = 'bit.do';
>
> $safe_domains[] = 'po.st <http://po.st>';
>
> $safe_domains[] = 'lrd.to <http://lrd.to>';
>
> $safe_domains[] = 'g.co <http://g.co>';
>
> # known safe domains
>
> $safe_domains[] = 'www.google.com <http://www.google.com>';
>
> $safe_domains[] = 'docs.google.com <http://docs.google.com>';
>
> $safe_domains[] = 'accounts.google.com
> <http://accounts.google.com>';
>
> $safe_domains[] = 'sites.google.com <http://sites.google.com>';
>
> $safe_domains[] = 'mail.google.com <http://mail.google.com>';
>
> $safe_domains[] = 'schema.org <http://schema.org>';
>
> $safe_domains[] = 'urldefense.proofpoint.com
> <http://urldefense.proofpoint.com>';
>
> --
>
> Jerry Benton
>
> www.mailborder.com <http://www.mailborder.com>
>
> +1 843-800-8605
>
>
>
>
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20241104/82cabe00/attachment-0001.html>
More information about the MailScanner
mailing list