Comments on: Bank of America Email policies invite fraud http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/ General interest observations and true web-log. Sat, 21 Nov 2009 13:46:20 -0800 http://wordpress.org/?v=2.8.6 hourly 1 By: fraud http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1576692 fraud Sat, 12 Sep 2009 21:24:02 +0000 http://www.dvorak.org/blog/?p=38261#comment-1576692 Be aware of Domainsponsor scam company. This company operates under domainsponsor and oversee names and washes money via oversee company. Tax fraud and cheating is what they do. Stay away from them. Classaction lawsuit is coming. Be aware of Domainsponsor scam company. This company operates under domainsponsor and oversee names and washes money via oversee company. Tax fraud and cheating is what they do. Stay away from them. Classaction lawsuit is coming.

]]> By: jjtr.internet http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1487161 jjtr.internet Fri, 13 Feb 2009 01:36:57 +0000 http://www.dvorak.org/blog/?p=38261#comment-1487161 bankofamerica.online_link@emailaccount.com is this a valid email account of boa bankofamerica.online_link@emailaccount.com

is this a valid email account of boa

]]> By: Paddy-O http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478457 Paddy-O Wed, 28 Jan 2009 17:25:11 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478457 # 18 ran6110 said, "Check it out! Bailout Recipients Hosted Call To Defeat Key Labor Bill" God! I read "the Employee Free Choice Act ". Amazing that they want to do away with secret balloting for Unions. How scary is that? Bunch of thugs. # 18 ran6110 said, “Check it out! Bailout Recipients Hosted Call To Defeat Key Labor Bill”

God! I read “the Employee Free Choice Act “. Amazing that they want to do away with secret balloting for Unions. How scary is that? Bunch of thugs.

]]> By: tahos http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478454 tahos Wed, 28 Jan 2009 17:22:57 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478454 I think ther's some confusion here about messages that are "spam" versus messages that are "phish." There is a very important distinction: the definition of SPAM is pretty subjective. However the definition of phish is not. Which one are we talking about here? Marc seems like a smart enough guy that he took a look at the e-mail headers and figured out that an e-mail from bank of america came from a third-party sender. He seems to want all e-mail from bank of america to come from a machine that has a DNS record with something like .bankofamerica.com in it. Sounds fair, but also difficult especially since it's a fairly large company. Here's another idea. How about if bank of america used some kind of tag on their messages to indicate they were legitimately from them? I took a look at some legit e-mail I got from Bank of America, the customer loyalty e-mail similar to what Marc received, and there are SPF records authorizing those for bank of america's domains. So, they actually *have* done something to allow systems to validate e-mail from them. Some other e-mail I get from them has DKIM signatures on it, so I know they are working on that too. Maybe instead of switching banks, we should also go to our ISPs and spam vendors and ask them to start paying attention to the e-mail authentication protocols as well? I think ther’s some confusion here about messages that are “spam” versus messages that are “phish.” There is a very important distinction: the definition of SPAM is pretty subjective. However the definition of phish is not. Which one are we talking about here?

Marc seems like a smart enough guy that he took a look at the e-mail headers and figured out that an e-mail from bank of america came from a third-party sender. He seems to want all e-mail from bank of america to come from a machine that has a DNS record with something like .bankofamerica.com in it. Sounds fair, but also difficult especially since it’s a fairly large company. Here’s another idea.

How about if bank of america used some kind of tag on their messages to indicate they were legitimately from them?

I took a look at some legit e-mail I got from Bank of America, the customer loyalty e-mail similar to what Marc received, and there are SPF records authorizing those for bank of america’s domains. So, they actually *have* done something to allow systems to validate e-mail from them. Some other e-mail I get from them has DKIM signatures on it, so I know they are working on that too.

Maybe instead of switching banks, we should also go to our ISPs and spam vendors and ask them to start paying attention to the e-mail authentication protocols as well?

]]> By: J Random http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478452 J Random Wed, 28 Jan 2009 17:20:52 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478452 As soon as you introduce third party email services you're going to see cases where clue-impaired and sketchy operators can't properly maintain DNS entries for each campaign. Have to wonder what your Authentication-Results: headers look like though. Did the message pass an SPF check? I can see that BofA created a record to delegate that to Conversen, but maybe Conversen screwed the pooch. Also, was any signing technology like DK/DKIM used, and did that verify? You ultimately have to make your own choices about what you'll accept, and if you'll only accept FCrDNS-checked messages then good luck. But BofA isn't the only company you'll have an issue with... As soon as you introduce third party email services you’re going to see cases where clue-impaired and sketchy operators can’t properly maintain DNS entries for each campaign.

Have to wonder what your Authentication-Results: headers look like though. Did the message pass an SPF check? I can see that BofA created a record to delegate that to Conversen, but maybe Conversen screwed the pooch. Also, was any signing technology like DK/DKIM used, and did that verify?

You ultimately have to make your own choices about what you’ll accept, and if you’ll only accept FCrDNS-checked messages then good luck. But BofA isn’t the only company you’ll have an issue with…

]]> By: Mr Diesel http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478370 Mr Diesel Wed, 28 Jan 2009 14:58:22 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478370 #16 That is a great solution. MY bank has started charging me (on a free account) a monthly charge and I'm taking everything over to a credit union. Screw the banks. #16

That is a great solution. MY bank has started charging me (on a free account) a monthly charge and I’m taking everything over to a credit union.

Screw the banks.

]]> By: LtSiver http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478344 LtSiver Wed, 28 Jan 2009 14:19:26 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478344 Heh I agree Marc. Keep in mind this is also the bank that came up with that horribly stupid "SiteKey" feature... Which is totally susceptible to man in the middle if you're not the bank of america website. Heh I agree Marc. Keep in mind this is also the bank that came up with that horribly stupid “SiteKey” feature… Which is totally susceptible to man in the middle if you’re not the bank of america website.

]]> By: ran6110 http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478150 ran6110 Wed, 28 Jan 2009 03:40:29 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478150 Check it out! Bailout Recipients Hosted Call To Defeat Key Labor Bill http://tr.im/d5rn "Three days after receiving $25 billion in federal bailout funds, Bank of America Corp. hosted a conference call with conservative activists and business officials to organize opposition to the U.S. labor community's top legislative priority." Check it out!

Bailout Recipients Hosted Call To Defeat Key Labor Bill

http://tr.im/d5rn

“Three days after receiving $25 billion in federal bailout funds, Bank of America Corp. hosted a conference call with conservative activists and business officials to organize opposition to the U.S. labor community’s top legislative priority.”

]]> By: Paddy-O http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478063 Paddy-O Wed, 28 Jan 2009 01:19:39 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478063 # 13 Marc Perkel said, "Yes Paddy-O - you see my point then?" Oh, yes. # 13 Marc Perkel said, “Yes Paddy-O – you see my point then?”

Oh, yes.

]]> By: AdmFubar http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478052 AdmFubar Wed, 28 Jan 2009 00:58:45 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478052 everyone join a credit union.... enough said everyone join a credit union…. enough said

]]> By: the real billybob http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478037 the real billybob Wed, 28 Jan 2009 00:38:12 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478037 Scank of America deserves to go down the tubes. They practice predatory lending on a daily basis. Oooooooo don't get me started! Scank of America deserves to go down the tubes. They practice predatory lending on a daily basis.
Oooooooo don’t get me started!

]]> By: Mr. Fusion http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1478026 Mr. Fusion Wed, 28 Jan 2009 00:20:38 +0000 http://www.dvorak.org/blog/?p=38261#comment-1478026 #13, Marc, I really am sorry, but, Cow-Paddy has this comprehension problem. Even worse, he thinks he knows what this is about. It doesn't matter, he is going to suggest this is your fault. #13, Marc,

I really am sorry, but, Cow-Paddy has this comprehension problem. Even worse, he thinks he knows what this is about. It doesn’t matter, he is going to suggest this is your fault.

]]> By: Marc Perkel http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1477986 Marc Perkel Tue, 27 Jan 2009 23:19:13 +0000 http://www.dvorak.org/blog/?p=38261#comment-1477986 Yes Paddy-O - you see my point then? Yes Paddy-O – you see my point then?

]]> By: Paddy-O http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1477915 Paddy-O Tue, 27 Jan 2009 21:39:56 +0000 http://www.dvorak.org/blog/?p=38261#comment-1477915 #11 Holy crap. customerloyalty.bankofamerica.com resolves to conversen.com #11 Holy crap. customerloyalty.bankofamerica.com resolves to conversen.com

]]> By: Marc Perkel http://www.dvorak.org/blog/2009/01/27/bank-of-america-email-policies-invite-fraud/comment-page-1/#comment-1477911 Marc Perkel Tue, 27 Jan 2009 21:35:55 +0000 http://www.dvorak.org/blog/?p=38261#comment-1477911 The email was supposedly from BofA. From: "Bank of America" Sender: BankofAmerica@customerloyalty.bankofamerica.com To: "Marc Perkel" Reply-To: customerservice@card.bankofamerica.com Date: 27 Jan 2009 13:07:49 -0500 Subject: Use your Platinum Plus(R) credit card today. Received: from <strong>tr202154.cv47.net ([216.75.202.154])</strong> by venus.junkemailfilter.com with esmtp (Exim 4.69) id 1LRsMQ-0006cA-IQ on interface=65.49.42.50 for marc@perkel.com; Tue, 27 Jan 2009 10:08:47 -0800 The email was supposedly from BofA.

From: “Bank of America”
Sender: BankofAmerica@customerloyalty.bankofamerica.com
To: “Marc Perkel”
Reply-To: customerservice@card.bankofamerica.com
Date: 27 Jan 2009 13:07:49 -0500
Subject: Use your Platinum Plus(R) credit card today.
Received: from tr202154.cv47.net ([216.75.202.154])
by venus.junkemailfilter.com with esmtp (Exim 4.69)
id 1LRsMQ-0006cA-IQ on interface=65.49.42.50
for marc@perkel.com; Tue, 27 Jan 2009 10:08:47 -0800

]]>