Very Poor Phishing Attempt

There are decent phishing attempts, and there are really wack ones.

The text of this one is okay, “Dear ebay user” notwithstanding (tip: if they don’t know your real id or name, it’s 99% likely it’s a phish).

Dear eBay User,

We regret to inform you, that we had to block your eBay account
because we have been notified that your account may have been compromised by outside parties.

Our terms and conditions you agreed to state that your account must always be under your control
or those you designate at all times. We have noticed some activity related to your account that
indicates that other parties may have access and or control of your information in your account.

Please be aware that until we can verify your identity no further access to your account will be allowed.As a result,Your access to bid or buy on eBay has been restricted.To start using your eBay account fully,Please uptake and verify your information by clicking below

http://signin.ebay.com/aw-cgi/eBayISAPI.dll?Verify

Regards,

eBay Member Service

**Please Do Not Reply To This E-mail As You Will Not Receive A Response**

It’s just that the actual link, when hovered, gives the URL:

http://signin_ebay_account.barami.kr:7301/ebay.htm
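The mismatch between the URL shown in the message and the one the link really points to can be checked mechanically. The following is an added example, not part of the original post: it parses an HTML mail body and reports every link whose visible text is a URL for a different host than its href. The sample markup is constructed from the two URLs quoted above, and the function names are illustrative.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:  # only collect text inside an open <a>
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    """Hostname of an http(s) URL, lower-cased; None for anything else."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    return parts.hostname if parts.scheme in ("http", "https") else None

def mismatched_links(html):
    """Return (shown host, actual host) where link text is a URL for another host."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        shown, actual = host_of(text), host_of(href)
        # Links whose text is not a URL ("click here") are skipped, not flagged.
        if shown and actual and shown != actual:
            findings.append((shown, actual))
    return findings

# Constructed sample: the two URLs quoted in this post, wrapped in an anchor,
# plus one honest link whose text and href agree.
SAMPLE = (
    '<a href="http://signin_ebay_account.barami.kr:7301/ebay.htm">'
    "http://signin.ebay.com/aw-cgi/eBayISAPI.dll?Verify</a> "
    '<a href="http://www.ebay.com/">http://www.ebay.com/</a>'
)
print(mismatched_links(SAMPLE))
```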

I presume, however, that if you sent out 10 million of these, there’s a chance that even 0.01% don’t display the URL in their browser when visiting a site…you got quite a few email accounts to start off your scams…

I was a little more adventurous and visited the site, which is still up (a phresh phishing attempt!). The passport signin link does not work, and after “signing in” it became obvious that this isn’t just for gaining ebay account info, as they take you to a “confirmation” screen, asking you for all sorts of info including of course credit card info.

Man, I picked the wrong vocation.

Based on experience, I can think of two ways one can get into a line of work such as phishing. You start out wanting to “do good”, then slip into this, slowly convincing yourself your behaviour is okay…or one has a “seared conscience” to begin with…

Viewing 2 Comments

    And the typical recipient of these emails don't even think to mouse-over links to get their true target before clicking. I preach sensible Web behavior to my family all the time. The Web's just like any other place nowadays. There are always those that want to take from you what they can't or choose not to earn.
    And the typical recipient of these emails don’t even think to mouse-over links to get their true target before clicking.


    True indeed. I'm sure that's the main reason these guys make money. Interestingly enough, it still should be easy enough to fool even slightly more savvy folk, by using a javascript that changes the status bar to display the fake URL (or hide it altogether) -- which is why I never have liked the fact that you can change the status bar value with a mouseover. Oh well.
 
