Posts tagged with phishing
The stream of spam, scams and phishing attempts increases day after day. Reporting phishing and spam inside Gmail is all well and good but it doesn’t help anyone outside GoogleMail nor solves the issue at heart.
I can only assume the recent increase in scamming and phishing is because either:
- It’s so successful more and more scammers are taking it up
- There are less gullible people to go around and so they are fighting to find who’s left
But how gullible are people to believe these emails? I somebody came to your front door and announced:
Hi, I’m from bank X! Can you just fill in your account details and passwords on this piece of paper for me. It’s ‘due to security concerns’ and look, it’s legitimate – there’s a bank logo at the top of the page.
Who on earth would believe them? And yet it works on-line even though lately the phishers aren’t even trying to fake an SSL or even obscure the URL.
Here’s another lottery scam to arrive in my inbox complete with comments. For those not aware the scam operates by convincing people they have won money in a lottery they never entered.
Once you claim your winnings you find there are fees, duties, taxes followed by an endless list of excuses and expenses. You may even be invited to claim the prize yourself at which point you could find yourself kidnapped and held for ransom.
What a win indeed.
FROM THE DESK OF THE DIRECTOR: INTERNATIONAL PRIZE AWARD DEPT WINNING NOTIFICATION FOR CATEGORY “A” WINNER ONLY
Ah, the “International Prize Award Dept”. With a name like that how can anyone doubt their integrity.
Just in case you fell asleep since starting the message…
We are pleased to inform you of the result of the last final annual draw of our LOTTERY INTERNATIONAL Programs. The online cyber lotto draws was conducted from an exclusive list of 25,000,000 e-mail addresses of individuals and corporate institutions,picked by an advanced automated random computer search from the internet.No tickets were sold.
Hold on, no tickets were sold? Wow, they must have a mysterious benefactor who just keeps wanting to give away money then.
How advanced would a computer be to pick an email address from 25 million email addresses?
After this automated computer ballot, your e-mail address emerged as a winner in the category “A” with the following numbers attached Ref Number: GP 14-M-146-04,Batch Number: 573891545-NL/2006 and Ticket Number: PP 3802 /8707-01.
No less than three different long reference ‘numbers’…
You are therefore to receive a cash prize of $2,500,000.00. ( Two Million Five Hundred Thousand ) from the totalpayout.
Thanks for clarifying a 7 digit number was because I can’t read numbers that big. Clarifying the currency might have been more useful, what with the $ dollar sign being used all over the globe.
Made from all capitals and three exclamation marks so you know it’s real.
Your prize award has been insured with your e-mail address and will be transferred to you upon meeting our requirements, statutory obligations, verifications, validations and satisfactory report. To file in for the processing of your prize winnings, you are advised to contact our Certified and Accredited claims agent for category “A” winners with the information below:
Apparently my email address is now an insurance broker.
I wonder who certified or accredited their claim agents and in what. It certainly wasn’t in use of the English language.
MR.JERRY LAWSON Phone:+31 xxx xxx xxx
Ah, the international country code for the Netherlands, home to the lottery scam. A company that gives away millions of dollars operates of course from an individual Yahoo address – and one in Germany no less. I mean they couldn’t possibly afford a $10 a year domain name of their own.
Forwarding a copy to firstname.lastname@example.org to get it shut down….
You are advice to provide him with the following information: Names: Telephone/Fax number: Nationality: Occupation: Age:
Sounds suspiciously like the start of an identity-theft set-up. Two scams for the price of one?
You are to keep all lottery information confidential, especially your reference and ticket numbers. (This is important as a case of double claim will not be tolerated).
Translation: Keep quiet, we don’t want your less-clueless friends pointing out this is a scam.
Members of affiliated agencies are PROHIBITED from participating in this program.
Affiliated with who? Law officials perhaps. I thought I’d already won anyway…
Furthermore, should there be any change of address, do inform our agent as soon as possible.
What? You never asked for my address so why would you care if it changed.
Congratulations once more from our members of staff and thank you for being part of our Promotional Program.
Thanks, I can’t quite describe how it feels.
Cheers Walt. Hold on who’s Jerry Lawson then?
I guess scum doesn’t have the same ring.
Check out the 419 Eater for more information on these sorts of scams.
Basically all these browsers support International Domain Names (IDN) that let you use the full Unicode set of foreign characters and symbols, and some of these foreign characters while technically different from the Latin ones look identical. In the case demonstrated they have used the Arabic a to replace a Latin a in “PayPal” to get another site. This isn’t really anything new, even the original RFC commented on how this would be a problem and the IETF issued guidelines that would have limited their scope if only Verisign actually implemented them. (Specifically the guideline for preventing mixing of languages within a domain name would reduce the scope for attack considerably).
One thing that is amusing is the Internet Explorer fans reaction that their browser isn’t susceptible. This is true but only because Microsoft hasn’t added IDN support to IE, instead recommending you install a third-party plug-in to do it.
Head over to Verisign, install the plug-in, and you too can have exactly the same “exploit”.
Some 12 hours later it appears the rest of the world twigs and Secunia issues this advisory.