Useful information, interesting links, and much more.
You are visiting  
Please choose a

Use the menu to view your

Choose an article with these menus. To return to your last choices use your browser's BACK button.
Special Links
American Patriotism
Short Cut Menu
God Bless America
 
Home Page

Click Picks
Internet & Security
Loading

   • Enter search text below.
   • Press the "Search" button.
   • Click "X" to return here.

12. Phishing Scams Revisited

Checking your e-mail closely may save you a lot of grief. The tell-tale signs are there, if you look for them.

Next Page
See also

On June 22, 2004, we received a number of mailings that appear to be "phishing" scams, which try to obtain your personal information. One was from US Bank, where we do not have an account, and several were from PayPal, where we do have one.

The letterhead on both letters is well done and the requests seem reasonable. The writing styles were not laced with the common clumsiness and "pigeon English" we have seen in the past but they did have several glaring errors.

There were a few give-aways that something is amiss. Our guess is that in time these obvious clues will be corrected and you will not know immediately if you are being scammed.

A case in point: We recently received a mailer from PayPal advising that they were updating their records. That sounds suspicious, doesn't it? The appearance of the letter was similar to that of the PayPal phishing spams we have received. Of course it would be; the scammers copied PayPal's style in their letters.

This mailing did not ask for information and it gave a secure link to PayPal's real Website. They were asking only that the information presented be corrected if necessary, not for us to furnish information. Of course, a scammer could have presented bogus information and asked for it to be "updated" but a large amount of wrong information would have been a dead give-away.

We sent a note to PayPal concerning this. They advised that it was indeed a "real" mailing and a regular thing that they do.

Let's examine the two mailings and see what is wrong with them.


 
 

Take a look at the message in the first paragraph. It has some grammatical and punctuation errors and the style is terrible.

Now look at the link they provide. It's a pretty complicated path and it is not secure (https://). Note that when the mouse was over the link the actual address, shown at the bottom left of the browser screen, was nothing like the address in the link. In other words, you will be going to the server 3322.org and not a US Bank site.

 

Text as written
Errors highlighted

During our regular update and verification of the Internet Banking Accounts, we could not verify your current information. Either your information has been changed or incomplete, as a result your access to use our services has been limited. Please update your information

To update your account information and start using our services please click on the link below:

Better wording
Errors corrected

During our regular update and verification of your account we could not verify your current information. Either your information has been changed or it is incomplete. As a result, your access to use our services has been limited.

Please update your information by clicking on the link below:

 

The text is poorly written to begin with and the punctuation and capitalization errors are just sloppy. This is not what one would expect to receive from a large company such as a bank. The interesting thing is that we do not deal with this bank.

Now look at the message below from e-Bay and see if it does not look familiar.

 
 

Text as written
Errors highlighted

During our regular update and verification of the accounts, We couldn't verify your current information.Either your information has changed or it is incomplete.

As a result,Your access to bid or buy on eBay has been restricted. To start using your eBay account fully,
Please update and verify your information by clicking below

Text as it should read
Errors corrected

During our regular update and verification of our accounts we couldn't verify your current information. Either your information has changed or it is incomplete.

As a result, your access to bid or buy on eBay has been restricted. To start using your eBay account fully, please update and verify your information by clicking on the button below.

Once again, the text is poorly written and full of punctuation errors and problems with capitalization and spacing. The graphic elements look very real. That is because they are all linked to the e-Bay site; they are actual e-Bay graphics.

 

 
So, here you have two classic phishing scams. Both are reasonably well executed but both bear the tell-tale signs of sloppiness. Note, however that these are far better than the PayPal phishing letters we got last year. Maybe the scammers are brushing up on their English.

Next Page
See also

rev 01/27/13
<12/18/04

   
www.Eagle-Wing.Net