Jibber jabber ecards2/8/2024 ![]() I'm not talking about some flunky from his office-the real Attorney General. It reminds me of the incident about six months ago where the Attorney General of Colorado arranged to make a personal appearance at a senior center to show attendees how to protect themselves from the types of consumer and investor fraud perpetrated specifically on senior citizens. The 90-percentile group doesn't want to hear about it. The remaining have read it because they were victimized by phishing or some other kind of fraud. (Unfortunately, it's the site of a Swiss web design firm-one that apparently knows about graphics, but not security.)įrom comments I see all around the Internet, I would guess that a high 90-percentile of PayPal (and eBay) users have never read the spoof information that financial sites provide for their customers. The only clickable link in the message (the "Get Verified" link) takes the recipient to a PayPal login lookalike page that has been installed on a hijacked web site in Switzerland. All that the recipient would focus on are the bits in red, claiming that unless updated information is provided, the account will be deleted in 72 hours. But even if they were links to the real PayPal spoof tutorial, I don't think it would matter. Unfortunately, the items that should be links, like the "New spoof tutorial" heading, are not. I could see many a recipient thinking, "A crook wouldn't put so much in a message about detecting crooks." And they'd be dead wrong. No, what makes this message so insidious is that it will probably convince a recipient that it's legit because it talks so much about how to spot spoofs, how to protect your account, and so on. I won't even get into the goofy bit about the message supposedly being dated February 2006 and talking about the "upcoming year 2006" and the message being sent on 30 June 2006-it's just too easy a target. Bravo!)īut something caught my eye as I scoured a PayPal phishing message today that caused me to look more closely at the content of the message. (I have to say that Yahoo! domain registration and hosting folks have really stepped up their response lately. I periodically through the day check whether the reported pages have been taken down to help me know which ISPs respond quickly and which don't. I simply look through a message's source code for the destination URL, verify it's still active, trace the source of the domain/hosting outfit/IP block owner, report it, and delete the message.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |