|Fri, September 7th, 2007||#1|
Are spammers even trying anymore?
Look with me at the latest email I recieved.
Okay. That is the bulk of the text.
First, I do not have a Bank of America account, nor have I ever.
Second, the address this came from was [email protected]. That's not suspicious at all.
Third, and this is purely speculation, but I don't think one of the biggest banks in the country would have something like "sslencrypt218bit" in a link to it's online banking center.
Fourth, it's not very professional. Phrases like "someone had used your account", "different locations.For" and "The help speeed up" make me sad for todays spammers.
Finally, wouldn't you also think there would be some sort of signature, perhaps the name of a CEO or other name (even a fake one!) to lend it at least a little bit of credibility?
Man, what a lazy attempt at spam.
It makes me nostaligic for the days of Leader Next Human Sandwich.
Now 20% More Annoying!!
|Fri, September 7th, 2007||#2|
Actually this sort of seems like old school spam.
You know, even if it had some sort of signature, that doesn't do anything but look credible. It's not like people can't just sign random names and pretend they are the president. A picture of someone's signature never sat well with me as proof of.... anything. Heck, if banks did routinely put their president's signature in the email, they could just copy that image into their spam.
The idea just seems to be to scare someone not versed in critical thinking into a "what-if" proposal of "if it's true, it would be bad, I better act on that". This is really no different from the olden days of selling dragon wards and demon excizing seals to people. They couldn't take the chance, even though there's no evidence there even is a chance to be taken.
I mean seriously, why would a bank do anything in the way this letter describes they would? Would a bank actually just "close" an account outright if they think someone is fraudulently taking money? They make it sound like they are just going to take all the money in the account for themselves if they suspect someone else is taking it. Um, I doubt that. More likely they'd invalidate PIN numbers and cards and call the person to inform them of that. Quick conversation on the phone later and it's all back up and running. Also, no information on details? It's not like this person can't just CHECK their account to make sure the balance adds up, and why wouldn't the bank inform them of the details?
These are the sorts of things you have to ask, and then there's the single nitpick that every single bank in the US, in fact EVERY company that lets you make an account with them to my knowledge, now informs their users from the moment they sign up that they will never use email to check account verification.
That's another thing! If they think someone else is frauding you, how on earth is signing into some web site supposed to help verify it? I suppose maybe if they didn't want to share the transactions except on some secure web page, but that's still stupid. If they don't think that email is secure enough, why are they sending this information to it to begin with?
That said, too many people will fall for it. Some people take a laid back "well whatevder it's not MY money" attitude but to be honest I would prefer if people started caring more about these victims. In all honesty I think schools should focus on teaching people how to critically check facts. Too many teach the facts in a text book in a "don't question it" manner. If they taught them as well as the methods used to get to that information, maybe that would help. Heck I'd like to see involved school projects where a teacher provides books with knowingly false information and had the kids do research to figure out what's actually true or not. They wouldn't even need to print new books. Outdated science books STILL teach the false notions of backwards water flushery down south and the whole "regions of taste on the tongue" thing (place salt anywhere on your tongue and you'll see what I mean, salt tasters are all over it, not in regions). These are bits of information that always seem to make their way into the text books, when the thing is, both of those bits have never been accepted facts in the scientific community. Someone managed to get some misunderstanding (maybe they inferred correalis effect worked on small enough a scale to affect drain spin direction as well as hurricanes but didn't check their facts) and it is now in books everywhere. This provides a great opportunity for skeptical teaching though so I say go ahead and leave it there so long as the kids are corrected. Teach them the false notion of water spinning, then get them to experiment in class. Watch for a while as some of them start defending the book when the water sometimes spins the other way by making up excuses why this sink is wrong or the air is wrong, while others suggest that maybe the book is flawed. Point out that making up excuses for failures of claims like that is probably not the best way to go about getting info. Then do a delicious tongue region taste test. These sorts of involved, questioning, THINKING teaching methods would prepair people to perhaps question that odd email from that monolithic company "the bank", questionining perhaps if, say, it isn't even FROM the bank.
And my rant is over.
"On two occasions, I have been asked [by members of Parliament], 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able to rightly apprehend the kind of confusion of ideas that could provoke such a question." ~ Charles Babbage (1791-1871)
|Fri, September 7th, 2007||#3|
To be fair, English probably isn't even their first language.
My name is Great Rumbler and I'm from the Sub-Human Tractor Planet! ZOOP!!
Read my web log.
|Fri, September 7th, 2007||#4|
I think the biggest giveaway is the fact that they don't have a fully qualified domain name. Do they honestly expect me to believe that the Bank of America would host a web site by ip only and not register a domain?
Phishing websites almost never register a domain name because the WhoIs server would reveal their identity.
BTW: everything after the IP address is the banks real url to the page. sslencrypt218bit stands for secure socket layer encrypt 218 bit. They probably have script that will accept any domain go out and fetch the real page but postback to their server instead any goodies you type in first, and then fetch the real next page reposting any form data you entered to the real server along the way. Most users never know their on the wrong site.
"I once dreamt that I played "cannon in D", on an electric guitar, like a fiddle, in the style of a ho down." ~ me
"You are god to us dream characters. Some of us love you and some of us hate you, and some dream characters want to be left alone." Then he paused and he said "When you are awake, you are a dream character to God. You and everyone else are what God sees when he sleeps." ~ XGM
VILLAGE OF CLONES - Latest Film
(Watch Episode Today!) - (Visit Channel)
Latest Deivant Artwork
Broken Matrimony by ~etoven on deviantART
Last edited by etoven : Fri, September 7th, 2007 at 07:27 PM.
|Thread Tools||Search this Thread|
|Display Modes||Rate This Thread|
|Thread||Thread Starter||Forum||Replies||Last Post|
|118 - I Don't Even Know What's Going On Anymore||Great Rumbler||Great Rumbler||1||Mon, August 6th, 2007 10:52 AM|
|From last E3: Capcom says Japan doesn't matter anymore||A Black Falcon||Multiconsole City||11||Thu, August 24th, 2006 03:28 PM|
|We shouldn't stand for it anymore! :)||A Black Falcon||Tendo City||20||Mon, June 6th, 2005 12:20 PM|