Wednesday, 01 June 2005, 19:22:57 EDT
Lately I have been getting a lot of phishing emails. Today I decided to poke around at one and see what I could learn about it. This particular email is posing as Pay Pal informing me that some fraudulent activity has happened on my account. Okay, I just happen to have a Pay Pal account so at least that part is decently targeted (as if they even try that hard any more). The biggest tip off that the email is not from Pay Pal is that it wasn't sent to the email account I have registered with Pay Pal. Another glaring foul is that the email is generic. At one point it tries to make a reference to my account but leaves off the account name! Then I decided to see what site the email really points to. It seems that it goes to http://www.paypal.com.secure-check54.info/; if you even go to http://secure-check54.info/ you get redirected to their phishing site. This phishing scam is particularly bad. None of the "links" on that site actually do anything and they didn't even bother with the navigation tabs.
I just found that hilarious. I also want to take this time to alert some of the less savvy people that read this site as to how to detect a scam such as this. If you get an email from some company, particularly a bank, which you didn't solicit you should first note whether or not you even have any association with that entity; I received an email posing to be from "Southtrust" bank yesterday and I have never had an account with that bank. If you don't do business with that entity just delete the email and go on with your day. If you do have business with them, make sure that you received the email via the account registered with that entity. If so, make sure that the email is addressed directly to you, and I don't mean the email address; make sure that the body of the email specifically states your precise account information. Finally, if you really think that the email is valid, even though you didn't solicit the email, then do not use any of the links in the email. Manually type the web site address in to your web browser or use a bookmark that you created yourself.
If you receive a phishing email you could also do your part and report it. Just forward the email to firstname.lastname@example.org. Technically, the address is meant for reporting unsolicited commercial advertisement emails that do not meet the CAN-SPAM Act requirements. However, this page requests the phishing emails as well. If you want to read more about this stuff then check out http://www.ftc.gov/spam/ and http://www.antiphishing.org/.