The Phishers Aren't Trying Anymore

I just got an email stating that PayPal's Account Review Department suspected an unauthorized transaction on my account. So, I did what any panicky user would do: I clicked on the big PayPal logo at the top of the page.

I immediately realized PayPal probably wouldn't send any emails with a reply-to address of akstcaagsemnsdgs@aagse.com

Ironically, the big PayPal logo at the top of the page was really and truly a link to https://www.paypal.com/. So had I logged in, I think I would have been safe. The tiny, normal, inline link to the "Resolution Center," however--that was the trap.

So--the most prominent link on the page takes you to the real site, and the link on the bottom of the page takes you to the phisher's site. Is it just me, or does that seem like the most ineffective scam ever?

Comments

Hmm...

On the flip side, it does offer a bit of legitimacy. I usually hover links in emails to see where they go and if they are legit. In that case, I probably would have hovered the PayPal link and moved on to the next.

Then again, maybe they would have just gotten lucky w/ me.. :)

On a side note, looks like you have a free floating " --> " comment ending on the upper-left side of the content area.

Legitimacy

I don't really think phishers look at legitimacy that much. It's like spammers--I don't think they proofread, or think about what will sell, or anything like that. If you send enough out, odds are someone will fall for it.

I think I fixed the comment thing. It's probably from where I commented out the Amazon ads... which were neat, but (1) probably pointless and (2) hosing up my site when they didn't work right.

Isn't there this new thing where people have links to a site, usually your bank's online banking page, that appears to be 100% legit but is actually a scam to get your bank account number?

Could this be the same?