Page 1 of 1

Pathetic Phishing Ploy

Posted: Mon Sep 01, 2008 4:36 pm
by Nikki
How many blatant clues can you identify in this message I received this morning?
Dear Customer,

To ensure you are always protected, we are introducing a new programmer on security called BankSecure-cfx-08 and you'll see a number of initiatives that will be put in place to enhance your Internet banking experience. Sequel to the new security measure, our records indicate that your account was Flagged and has upshot an internal error on our processor.

For security reasons, you must update your account to restore full access to your Online Banking.

Please Click Hereto complete your account update. Sign In to start the validation process.

This instruction has been sent to all bank customers and is obligatory to follow.

Privacy Department
Compass Bank
Reprodiced verbatim except for deleting the link.

Re: Pathetic Phishing Ploy

Posted: Mon Sep 01, 2008 6:30 pm
by fortinbras
Pathetic might not be the right word. I've gotten several of these - each with the name of a bank popular in my area (but none of them where I have accounts). And I bet there are people who fall for it.

Re: Pathetic Phishing Ploy

Posted: Tue Sep 02, 2008 10:10 pm
by Leftcoaster
Nikki wrote:How many blatant clues can you identify in this message I received this morning?
Dear Customer,

To ensure you are always protected, we are introducing a new programmer on security called BankSecure-cfx-08 and you'll see a number of initiatives that will be put in place to enhance your Internet banking experience. Sequel to the new security measure, our records indicate that your account was Flagged and has upshot an internal error on our processor.

For security reasons, you must update your account to restore full access to your Online Banking.

Please Click Hereto complete your account update. Sign In to start the validation process.

This instruction has been sent to all bank customers and is obligatory to follow.

Privacy Department
Compass Bank
Reprodiced verbatim except for deleting the link.


Looks about right to me, but then I do most of my banking in Nigeria. :P

Re: Pathetic Phishing Ploy

Posted: Sun Sep 07, 2008 11:19 pm
by fortinbras
Today (Sunday, Sept 7) I received a supposed "Alert", supposedly from PAYPAL (but the actual domain name was something else), telling me that I had apparently just authorized the purchase for $163 for a deer feeder, and that if I wanted to cancel this order I must send an email, not to Paypal but to a purported sporting goods store -- "with sufficient information to establish that I am the account holder". In the tiny print at the bottom it claimed to be a Paypal office in Luxembourg! I haven't done any business with Paypal in more than five years -- my credit cards have all changed since then -- so I couldn't have a Paypal account.

Re: Pathetic Phishing Ploy

Posted: Wed Sep 10, 2008 3:10 am
by Judge Roy Bean
You have to remember that the average reading and comprehension level (not to mention spelling acumen) is about the fifth grade.

That means the majority of recipients aren't going to pick up on the nuances.

My associates and I get numerous versions of these in our "tar baby" email accounts, often allegedly from financial institutions that an account has never been established in.

But like debt elimination schemes, the unwitting or ignorant are drawn like moths to the flame.

Re: Pathetic Phishing Ploy

Posted: Thu Nov 13, 2008 2:54 am
by fortinbras
This received today (Nov 12, 2008). I have not had ANY Paypal dealings in more than five years:

Due to recent fraudulent transactions...!!!‏
From: PayPal Departament (service@intl.paypal.com)

Sent: Wed 11/12/08 2:16 PM
To:


Dear valued PayPal?/b> Customer,

Due to recent fraudulent transactions, we have issued the following security requirements.

It has come to our attention that 98% of all fraudulent transactions are caused by members using stolen credit cards to purchase or sell non existant items. Thus we require our members to add a Debit/Check card to their billing records as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. Your Debit/Check card will only be used to identify you. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the PayPal?/b> service. However, failure to confirm your records will result in your account suspension.

We are requesting this information to verify and protect your identity. Federal regulations require all financial institutions to obtain, verify, and record identification from all persons opening new accounts or obtaining ongoing payment services. This is in order to prevent the use of the U.S. banking system in terrorist and other illegal activity. For these reasons, PayPal?/b> will utilize services provided by various credit reporting agencies to verify the information you submit to us.

Once you have updated your account records your pending PayPal?/b> account transactions will not be interrupted and will continue as normal.

To update your billing records please proceed to our secure webform by clicking here.

Thank you for your time,
PayPal?Billing Department.



Somehow I suspect the real PayPal knows how to spell DEPARTMENT and maybe even how to type out PayPal.

Re: Pathetic Phishing Ploy

Posted: Wed Jan 21, 2009 5:31 pm
by fortinbras
I just received this e-mail, which, from the return address in the heading, appears to come directly and authentically from PayPal (but the return address is written in such a way that the Reply command will go nowhere) ...... except that, further on, to negotiate over my PayPal account, I am given a live link ... which turns out (when I read the status line) to go to someone or something named KisaKenya.org, which I assume means in Kenya in Africa. I might add that I haven't used PayPal in at least four years, during which time my credit card was replaced.
==================

Your PayPal account has been limited!‏
From: service@ (paypal.com service@paypal.com)
Sent: Wed 1/21/09 7:17 PM

PayPal

Information Regarding Your account:
Dear PayPal Member:

Attention! Your PayPal account has been limited!

As part of our security measures, we regularly screen activity in the PayPal system.We recently contacted you after noticing an issue on your account.We requested information from you for the following reason:

Our system detected unusual charges to a credit card linked to your PayPal account.

Reference Number: PP-259-187-991

This is the Last reminder to log in to PayPal as soon as possible. Once you log in, you will be provided with steps to restore your account access.

Once you log in, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety.

- - - Click here to activate your account - - - {kisakenya.org/kisa}

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologise for any inconvenience..

Sincerely,
PayPal Account Review Department
Copyright āļ‰ 1999-2009 PayPal. All rights reserved. PayPal Ltd. PayPal FSA Register Number: 226056.
PayPal Email ID PP059

Protect Your Account Info
Make sure you never provide your password to fraudulent websites.

To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal login page (http://paypal.com/) to be sure you are on the real PayPal site.

For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/us/securitytips
Protect Your Password
You should never give your PayPal password to anyone.

============
I think the repetition of the usual PayPal security cautions is cute.

Re: Pathetic Phishing Ploy

Posted: Wed Jan 21, 2009 5:49 pm
by Demosthenes
KISA is the Kenya Independent Schools Association. Someone is running the paypal scam through his or her school account.

Re: Pathetic Phishing Ploy

Posted: Wed Jan 21, 2009 8:00 pm
by wserra
Or they're importing lesson plans from Nigeria.

Re: Pathetic Phishing Ploy

Posted: Mon May 18, 2009 2:21 pm
by Doktor Avalanche
Judge Roy Bean wrote:You have to remember that the average reading and comprehension level (not to mention spelling acumen) is about the fifth grade.


Actually it's more like the fourth.

I get these about three a week.