new phishing scam... they're getting more creative

Voltage Spike replied

September 13, 2006, 11:07
Re: new phishing scam... they're getting more creative

Originally posted by INIT_6

What I don't understand is why PayPal and others alike don't educate more.

Well, using spam to counter phishers is, well, maybe not something I'd like to see. I have a lot of accounts that involve money in one way or another, and if each sent out just one email a week it could get pretty annoying.

That being said, it would be kind of cool if one of those companies had the balls to create their own fake phishing attempt that leads to a "If this had been an actual attempt, you'd be fucked" message. Nothing like shock value to drive the point home.
Leave a comment:
TheCotMan replied

September 13, 2006, 09:33
Re: new phishing scam... they're getting more creative

Originally posted by INIT_6

I must have changed a setting my bad.

Maybe the setting was adding an anti-spam, anti-phishing filter?

Heh-heh.

I too only got one official notice from pay pal about this a long time ago. It mentioned many things like "forward phishing scams to this address" "if you think something is "fishy" (heh heh) don't follow any links provided, visit the pay pal site by typing it into a web browser manually, and one that was really interesting, "We always address you by your full name when we send you notices about your account. If you get a notice specific to your account that does not open with your name, it is likely a scam of some sort."

This last one is the most interesting. What they write could be absolutely true if they adhere to this policy 100% of the time, but people are stupid, and will apply fallacy to the statement when they alter it to, "if it has my real name, then it is valid," which is not guaranteed. (Mmmmm. The value of critical thinking.)

(All quotes are not direct, but from memory, so are probably not exactly, word-for-word.)

When I received that notice from paypal, there may have been mention about how to turn off such security notices and email messages. If so, I may have visited my paypal account to turn these off too, since I never got any more valid and official notices either.
Leave a comment:
INIT_6 replied

September 13, 2006, 04:45
Re: new phishing scam... they're getting more creative

I must have changed a setting my bad.
Leave a comment:
theprez98 replied

September 13, 2006, 04:32
Re: new phishing scam... they're getting more creative

Originally posted by INIT_6

What I don't understand is why PayPal and others alike don't educate more.

I have two paypal accounts (business/personal). I have only received one e-mail trying to educate me on phishing scam's. This was a while ago and it was only about one type of phishing scam.

I think the company should try harder to educate there customers on what to do and what not to do. even create a cutie little movie for people to watch. Knowledge is power. So if more people know about, "what can happen" it should happen less.

Of course you might just piss them off and they come up with something even cooler and we are all screwed.

PayPal emails me every day about phishing scams. Sometimes even more than once a day. All I need to do is log in to verify my details...
Leave a comment:
INIT_6 replied

September 13, 2006, 03:36
Re: new phishing scam... they're getting more creative

What I don't understand is why PayPal and others alike don't educate more.

I have two paypal accounts (business/personal). I have only received one e-mail trying to educate me on phishing scam's. This was a while ago and it was only about one type of phishing scam.

I think the company should try harder to educate there customers on what to do and what not to do. even create a cutie little movie for people to watch. Knowledge is power. So if more people know about, "what can happen" it should happen less.

Of course you might just piss them off and they come up with something even cooler and we are all screwed.
Leave a comment:
TheCotMan replied

September 13, 2006, 01:09
Re: new phishing scam... they're getting more creative

Here's one you don't see very often...
An anti-spam and security product advertised in a phising scam that tells the reader something about a bank account, with a link name of the bank, but an href-name of their own anti-spam "security" software.
Leave a comment:
zoasterboy replied

September 12, 2006, 17:02
Re: new phishing scam... they're getting more creative

You should have resisted.
Leave a comment:
Asbestos replied

September 6, 2006, 15:24
Re: new phishing scam... they're getting more creative

Would you like a bigger penis? Where would you like it?

Sorry, I couldn't resist.
Leave a comment:
GodMinusOne replied

September 6, 2006, 14:24
Re: new phishing scam... they're getting more creative

Originally posted by Deviant Ollam

"i am nigerian royalty and i need you to send me money. please ignore the fact that i can't spell 'nigerian' or 'royalty'."*

* free drink to the first person who identifies that reference.

Red vs. Blue. -- Real Life vs. The Internet
Leave a comment:
Voltage Spike replied

September 5, 2006, 23:46
Re: new phishing scam... they're getting more creative

Didn't you hear? PayPal has a great new system in place to help stop phishing attempts. Just click my link and login to activate it...

Maybe we can turn this thread into a creative listing of all the ways we can convince naive people to let go of otherwise private information.

How about: your account has been locked due to too many unsuccessful login attempts. This is likely due to an attempt at identity theft. We recommend you click the following link to login and change your password.
Leave a comment:
Deviant Ollam started a topic new phishing scam... they're getting more creative

September 5, 2006, 23:12
new phishing scam... they're getting more creative

every once in a while i am surprised and impressed with the psychology employed by those who perpetrate phishing scams. i see this junk less often now that i've fine tuned my spamassassin install, but every so often something slips through that's way above and beyond the "i am nigerian royalty and i need you to send me money. please ignore the fact that i can't spell 'nigerian' or 'royalty'."*

most of us are familiar with the old and busted "please verify your paypal account details" scams... in which a person is directed to a look-alike site, asked to login, and then told to enter an assload of personal data (including info that paypal has never used in the past for any reason)

the new hotness? aparently, it's to generate authentic-looking receipts for big-ticket transactions that have allegedly taken place. (keep in mind, real receipt emails are often very sparse... sometimes even being just plain text depending on your settings.) the one i just received stated i bought a nokia cel phone for $400+ and that it was being shipped to a "bill chang" somewhere in maine. the brilliance of this is that none of the details have to be real... the more fake it seems the more likely a person might think "damn! someone pinched my info! a dirty hacker is going to clone cel phones in the new england area using my paypal account to get equipment."

there's of course a helpful "dispute this transaction" link in the email which in this case took me to a very well-crafte phony paypal page (which actually loaded elements directly from paypal's own web servers)...

... still nothing that wouldn't fool a half-awake person, but i see the scammers' increasing craftiness becoming more and more of a risk for the unaware sheeple. i get asked more often than ever before by employees at client sites about "how do i dispute this? are you sure it's not real? maybe i should call them and make sure" etc etc.

* free drink to the first person who identifies that reference.
Tags: None

Announcement

new phishing scam... they're getting more creative

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment: