Pathetic Phishing Ploy

General discussion of identity theft issues, including identity theft schemes, phishing scams, and related issues.
Nikki

Pathetic Phishing Ploy

Post by Nikki »

How many blatant clues can you identify in this message I received this morning?
Dear Customer,

To ensure you are always protected, we are introducing a new programmer on security called BankSecure-cfx-08 and you'll see a number of initiatives that will be put in place to enhance your Internet banking experience. Sequel to the new security measure, our records indicate that your account was Flagged and has upshot an internal error on our processor.

For security reasons, you must update your account to restore full access to your Online Banking.

Please Click Hereto complete your account update. Sign In to start the validation process.

This instruction has been sent to all bank customers and is obligatory to follow.

Privacy Department
Compass Bank
Reprodiced verbatim except for deleting the link.
fortinbras
Princeps Wooloosia
Posts: 3144
Joined: Sat May 24, 2008 4:50 pm

Re: Pathetic Phishing Ploy

Post by fortinbras »

Pathetic might not be the right word. I've gotten several of these - each with the name of a bank popular in my area (but none of them where I have accounts). And I bet there are people who fall for it.
Leftcoaster

Re: Pathetic Phishing Ploy

Post by Leftcoaster »

Nikki wrote:How many blatant clues can you identify in this message I received this morning?
Dear Customer,

To ensure you are always protected, we are introducing a new programmer on security called BankSecure-cfx-08 and you'll see a number of initiatives that will be put in place to enhance your Internet banking experience. Sequel to the new security measure, our records indicate that your account was Flagged and has upshot an internal error on our processor.

For security reasons, you must update your account to restore full access to your Online Banking.

Please Click Hereto complete your account update. Sign In to start the validation process.

This instruction has been sent to all bank customers and is obligatory to follow.

Privacy Department
Compass Bank
Reprodiced verbatim except for deleting the link.
Looks about right to me, but then I do most of my banking in Nigeria. :P
fortinbras
Princeps Wooloosia
Posts: 3144
Joined: Sat May 24, 2008 4:50 pm

Re: Pathetic Phishing Ploy

Post by fortinbras »

Today (Sunday, Sept 7) I received a supposed "Alert", supposedly from PAYPAL (but the actual domain name was something else), telling me that I had apparently just authorized the purchase for $163 for a deer feeder, and that if I wanted to cancel this order I must send an email, not to Paypal but to a purported sporting goods store -- "with sufficient information to establish that I am the account holder". In the tiny print at the bottom it claimed to be a Paypal office in Luxembourg! I haven't done any business with Paypal in more than five years -- my credit cards have all changed since then -- so I couldn't have a Paypal account.
Judge Roy Bean
Judge for the District of Quatloosia
Judge for the District of Quatloosia
Posts: 3704
Joined: Tue May 17, 2005 6:04 pm
Location: West of the Pecos

Re: Pathetic Phishing Ploy

Post by Judge Roy Bean »

You have to remember that the average reading and comprehension level (not to mention spelling acumen) is about the fifth grade.

That means the majority of recipients aren't going to pick up on the nuances.

My associates and I get numerous versions of these in our "tar baby" email accounts, often allegedly from financial institutions that an account has never been established in.

But like debt elimination schemes, the unwitting or ignorant are drawn like moths to the flame.
The Honorable Judge Roy Bean
The world is a car and you're a crash-test dummy.
The Devil Makes Three
fortinbras
Princeps Wooloosia
Posts: 3144
Joined: Sat May 24, 2008 4:50 pm

Re: Pathetic Phishing Ploy

Post by fortinbras »

This received today (Nov 12, 2008). I have not had ANY Paypal dealings in more than five years:

Due to recent fraudulent transactions...!!!‏
From: PayPal Departament (service@intl.paypal.com)

Sent: Wed 11/12/08 2:16 PM
To:


Dear valued PayPal?/b> Customer,

Due to recent fraudulent transactions, we have issued the following security requirements.

It has come to our attention that 98% of all fraudulent transactions are caused by members using stolen credit cards to purchase or sell non existant items. Thus we require our members to add a Debit/Check card to their billing records as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. Your Debit/Check card will only be used to identify you. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the PayPal?/b> service. However, failure to confirm your records will result in your account suspension.

We are requesting this information to verify and protect your identity. Federal regulations require all financial institutions to obtain, verify, and record identification from all persons opening new accounts or obtaining ongoing payment services. This is in order to prevent the use of the U.S. banking system in terrorist and other illegal activity. For these reasons, PayPal?/b> will utilize services provided by various credit reporting agencies to verify the information you submit to us.

Once you have updated your account records your pending PayPal?/b> account transactions will not be interrupted and will continue as normal.

To update your billing records please proceed to our secure webform by clicking here.

Thank you for your time,
PayPal?Billing Department.
Somehow I suspect the real PayPal knows how to spell DEPARTMENT and maybe even how to type out PayPal.
fortinbras
Princeps Wooloosia
Posts: 3144
Joined: Sat May 24, 2008 4:50 pm

Re: Pathetic Phishing Ploy

Post by fortinbras »

I just received this e-mail, which, from the return address in the heading, appears to come directly and authentically from PayPal (but the return address is written in such a way that the Reply command will go nowhere) ...... except that, further on, to negotiate over my PayPal account, I am given a live link ... which turns out (when I read the status line) to go to someone or something named KisaKenya.org, which I assume means in Kenya in Africa. I might add that I haven't used PayPal in at least four years, during which time my credit card was replaced.
==================

Your PayPal account has been limited!‏
From: service@ (paypal.com service@paypal.com)
Sent: Wed 1/21/09 7:17 PM

PayPal

Information Regarding Your account:
Dear PayPal Member:

Attention! Your PayPal account has been limited!

As part of our security measures, we regularly screen activity in the PayPal system.We recently contacted you after noticing an issue on your account.We requested information from you for the following reason:

Our system detected unusual charges to a credit card linked to your PayPal account.

Reference Number: PP-259-187-991

This is the Last reminder to log in to PayPal as soon as possible. Once you log in, you will be provided with steps to restore your account access.

Once you log in, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety.

- - - Click here to activate your account - - - {kisakenya.org/kisa}

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologise for any inconvenience..

Sincerely,
PayPal Account Review Department
Copyright ฉ 1999-2009 PayPal. All rights reserved. PayPal Ltd. PayPal FSA Register Number: 226056.
PayPal Email ID PP059

Protect Your Account Info
Make sure you never provide your password to fraudulent websites.

To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal login page (http://paypal.com/) to be sure you are on the real PayPal site.

For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/us/securitytips
Protect Your Password
You should never give your PayPal password to anyone.

============
I think the repetition of the usual PayPal security cautions is cute.
Demosthenes
Grand Exalted Keeper of Esoterica
Posts: 5773
Joined: Wed Jan 29, 2003 3:11 pm

Re: Pathetic Phishing Ploy

Post by Demosthenes »

KISA is the Kenya Independent Schools Association. Someone is running the paypal scam through his or her school account.
Demo.
User avatar
wserra
Quatloosian Federal Witness
Quatloosian Federal Witness
Posts: 7618
Joined: Sat Apr 26, 2003 6:39 pm

Re: Pathetic Phishing Ploy

Post by wserra »

Or they're importing lesson plans from Nigeria.
"A wise man proportions belief to the evidence."
- David Hume
Doktor Avalanche
Asst Secretary, the Dept of Jesters
Posts: 1767
Joined: Thu May 03, 2007 10:20 pm
Location: Yuba City, CA

Re: Pathetic Phishing Ploy

Post by Doktor Avalanche »

Judge Roy Bean wrote:You have to remember that the average reading and comprehension level (not to mention spelling acumen) is about the fifth grade.
Actually it's more like the fourth.

I get these about three a week.
The laissez-faire argument relies on the same tacit appeal to perfection as does communism. - George Soros