Phishing Alert

Be very careful in your file naming conventions.

         

pageoneresults

6:28 pm on May 22, 2007 (gmt 0)




I just came across an issue that is rather interesting. One of my clients ended up in the RBL not long ago. In addition to that, we've received some SpamCop messages regarding the issue.

Here's what happened...

Someone decided to send out a Wells Fargo phishing attempt. My client happens to offer a Wells Fargo financing package and we utilize a Wells Fargo logo. That logo contained the name wells-fargo in it.

The phishing email contained an absolute link to the bank logo on the client's site. Well, you can kind of guess what happened from there.

Just a word of caution: if you provide any type of financial services and are promoting your providers, be very careful in your file naming conventions for their brands. You may end up on the RBL and find yourself associated with phishing activities.

SpamCop calls it a Spamvertised Website.

Anyone else run into anything like this?

Quadrille

7:04 pm on May 22, 2007 (gmt 0)




Sounds more like a hotlinking problem than a naming issue.

A good host should be able to block hotlinking - so the spammers will either download the logo ... or go elsewhere.

I'm not clear how naming matters ... you could call it fikughiuhvkvuhth.jpg, and they could still absolute link to it.

Or am I missing something?

pageoneresults

7:32 pm on May 22, 2007 (gmt 0)




It was the name of the file along with the fact that it was a Wells Fargo phishing attempt via email. The client ended up on the spam list due to this phishing attempt and the link. In reviewing the message that was generated from SpamCop, that name wells-fargo in the file is what flagged it.

Long story short? Someone attempted an email phishing exploit. They linked directly to an image on our server that contained the wells-fargo name. Whether you prevent hotlinking or not, this is something that could have an impact. It did for this particular client as their emails started bouncing as undeliverable due to blacklist issues.

Quadrille

11:07 pm on May 22, 2007 (gmt 0)




Sorry, but it seems to me far more likely that it was the URL that caused the problems - not the file name.

And preventing hotlinking would (usually) prevent your URL being included in a spam.

I say 'usually', because many spammers are stupid, and don't test before sending; I've received a few with broken images, which may well be failed hotlinking (or the spammer forgot to upload his own!).

It never fails to amuse me that phishers attacking PayPal and eBay clients ALMOST ALWAYS hotlink to 'official' images. And they say they care ;)

There is, of course, no way to stop a spammer including your URL in their spam, whatever names you give your files.
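
As an added example that is not part of the thread: one way a site owner could spot the situation described above from the web server's access log is to count image requests whose Referer is empty or off-site, which is how image loads triggered by an email usually appear. The log lines, host name `www.example.com`, file paths, and the `min_clients` threshold are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed sample lines in "combined" access-log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.10 - - [22/May/2007:18:01:02 +0000] "GET /images/wells-fargo-logo.gif HTTP/1.1" 200 4312 "http://www.example.com/financing.html" "Mozilla/5.0"
198.51.100.7 - - [22/May/2007:18:01:05 +0000] "GET /images/wells-fargo-logo.gif HTTP/1.1" 200 4312 "-" "Mozilla/5.0"
198.51.100.8 - - [22/May/2007:18:01:09 +0000] "GET /images/wells-fargo-logo.gif HTTP/1.1" 200 4312 "-" "Mozilla/5.0"
192.0.2.44 - - [22/May/2007:18:02:11 +0000] "GET /images/wells-fargo-logo.gif HTTP/1.1" 200 4312 "http://webmail.example.net/read" "Mozilla/5.0"
192.0.2.45 - - [22/May/2007:18:02:30 +0000] "GET /images/banner.jpg HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
203.0.113.11 - - [22/May/2007:18:03:00 +0000] "GET /index.html HTTP/1.1" 200 1200 "http://www.example.com/" "Mozilla/5.0"
"""

# Fields used: client IP, request path, status, Referer.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)
IMAGE_EXT = (".gif", ".jpg", ".jpeg", ".png")

def offsite_image_hits(log_text, own_hosts):
    """Return {path: (requests, distinct_clients)} for image requests not referred by own_hosts."""
    hits = Counter()   # path -> off-site request count
    clients = {}       # path -> set of client IPs
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue   # skip lines that are not in combined format
        path = m["path"].split("?", 1)[0]
        if not path.lower().endswith(IMAGE_EXT):
            continue
        ref = m["referer"]
        host = urlparse(ref).hostname if ref not in ("", "-") else None
        if host in own_hosts:
            continue   # normal page view on our own site
        hits[path] += 1
        clients.setdefault(path, set()).add(m["ip"])
    return {p: (n, len(clients[p])) for p, n in hits.items()}

def flag_hotlinked(log_text, own_hosts, min_clients=3):
    """Paths fetched off-site by at least min_clients distinct IPs (threshold is an assumption)."""
    stats = offsite_image_hits(log_text, own_hosts)
    return sorted(p for p, (_, c) in stats.items() if c >= min_clients)
```

A sudden rise in distinct off-site clients for a single brand image is the signal to look for; a flagged file can then be renamed or moved so the embedded link stops resolving.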