NOTICE
NOTICE Due to a failure with Google Code's Subversion service, we are in the process of transitioning this project to SourceForge.
Description
This project is intended to organize email service provider response to email phishing campaigns that convince the end-user to reply via email with their information.
There are many projects aimed at stopping email phishing campaigns, and there are many projects aimed at stopping users from browsing to known phishing web sites. This project does not aim to solve either of these problems.
This project was started by email service providers in the higher education IT sector. Students, faculty and staff have been targeted by phishing campaigns that convince them to reply to email messages with their personal information, most notably their email account password.
The phishers then use the stolen account credentials to send more phishing campaigns using the school's otherwise trustworthy email system.
The reply address of these phishing messages are usually fake accounts within legitimate email domains, such as live.com or yahoo.com.
The intent of this project is to maintain a list of accounts that are being used (or have been used) in the reply-to address of phishing campaigns. Email service administrators can use this list to actively block outgoing smtp submissions destined for these accounts. The list can also be used to scan recent SMTP logs to determine if any users have already replied.
This project may also be used to host tools to aid in reformatting the list for automatic import into various email server configurations.
Download
This is the list of reply addresses being used in phishing campaigns.
https://aper.svn.sourceforge.net/svnroot/aper/phishing_reply_addresses
List Removal
If you would like an address to be cleared from the list, send an email to: anti-phishing-email-reply-discuss@googlegroups.com
How to participate
To subscribe to the mailing list, so that you can post new addresses, send an email to: anti-phishing-email-reply-discuss@googlegroups.com
