Wednesday, February 21, 2007
 
That's No Phish; That's An Amphibian
Today, I received this message:

The phish e-mail


Oh, no, I thought like good little phishbait. I didn't even bid on that.

But instead of clicking through on the e-mail, I go to ebay.com and search for the item.

Well, low and behold, the item number in question was an actual item and it was offered by the seller mentioned in the phish e-mail:

The phish e-mail


Of course, it's still obviously a phish because:
  1. That's not the e-mail address tied to my eBay account.

  2. The e-mail lacks most eBay header/footer details.

  3. The message headers indicate it came from somewhere besides eBay.

  4. The auction that I was "delinquent" for hadn't ended by the time I received an e-mail.
But still, the sophistication of this particular phish is remarkable. It scrapes an actual auction off of the eBay site before or at the time of mailing to make it seem more authentic.

I'm almost afraid enough to vow to never click a link in an e-mail again, but I'd probably get fired.


- posted by Brian J. @ 6:40 PM
Comments:
I have my spam filter set to "kill" and that stops everything spammish/scammish from getting through. However, someone found a way to blow past all my high tech defenses and render them meaningless.

This Nigerian style scam letter was sent by snail mail, Her majesty's Royal Snail Mail from Great Britain.

It's crude and uygly but, it got through.

The letter:
http://farm1.static.flickr.com/149/393128183_061f04f533_b.jpg

The postage:
http://farm1.static.flickr.com/154/393128185_e9240de91e_o.jpg

Fred

P.S. You can forward your email to spoof@ebay.com.
# posted by Anonymous Anonymous : Wednesday, February 21, 2007 7:47:00 PM
 


Post a Comment

<< Home
 
To say Noggle, one first must be able to say the "Nah."