?

Log in

No account? Create an account

Previous Entry | Next Entry

Innovations in phishing

Like most people who've had email for more than a week, I'm used to getting phony notices from eBay, Bank of America, and various other institutions telling me that there's a problem with my account, and inviting me to click on the embedded link and "verify" my personal info. By now I think I've seen all the common variations of this scam, but every once in a while there's a new one:


Dear PayPal Member,

This email confirms that you have sent an eBay payment of $47.85 USD to
xxx@yahoo.com for an eBay item.

-----------------------------------
Payment Details
-----------------------------------

Amount: $47.85 USD
Transaction ID: xxx
Subject: Digimax 130

Note:
If you haven't authorized this charge, click the link below to dispute transaction
and get full refund.


Dispute transaction (Encrypted link)

*SSL connection:
PayPal automatically encrypts your confidential information
in transit from your computer to ours using the Secure
Sockets Layer protocol (SSL) with an encryption key length
of 128-bits (the highest level commercially available)

The message goes on to state that the guy you supposedly sent money to has an unconfirmed address (with "UNCONFIRMED" in all-caps), and congratulates you on your choice of payment method:


By using your bank account to send money, you just:

- Paid easily and securely

- Sent money faster than writing and mailing paper checks
- Paid instantly -- your purchase won't show up on bills at the end of
the month.

Thanks for using your bank account!

...which I thought was an especially clever touch. Most phishing emails suggest that your eBay/PayPal/whatever account will be "locked" or "disabled" until you provide the requested information. That's annoying, but not necessarily urgent. The thought that someone might be draining your bank account RIGHT NOW, on the other hand...

Very deft use of psychology. Now if only this ingenuity could be harnessed for something constructive, like rescuing Battlestar Galactica from last season's plot twists.

Comments

( 2 comments — Leave a comment )
almightychrissy
Sep. 22nd, 2007 04:30 pm (UTC)
I got a paypal phish the other day which directed me to a site hosted at a domain belonging to a church. I was truly baffled.

Now if only this ingenuity could be harnessed for something constructive, like rescuing Battlestar Galactica from last season's plot twists.

Alas, I'm not sure any ingenuity is up to that task.
ironymaiden
Sep. 23rd, 2007 12:51 am (UTC)
Now if only this ingenuity could be harnessed for something constructive, like rescuing Battlestar Galactica from last season's plot twists.

from your mouth to god's ears.
( 2 comments — Leave a comment )

Latest Month

December 2011
S M T W T F S
    123
45678910
11121314151617
18192021222324
25262728293031

Tags

Powered by LiveJournal.com
Designed by Tiffany Chow