• Get involved.
    We want your input!
    Apply for Membership and join the conversations about everything related to broadcasting.

    After we receive your registration, a moderator will review it. After your registration is approved, you will be permitted to post.
    If you use a disposable or false email address, your registration will be rejected.

    After your membership is approved, please take a minute to tell us a little bit about yourself.
    https://www.radiodiscussions.com/forums/introduce-yourself.1088/

    Thanks in advance and have fun!
    RadioDiscussions Administrators

So bad it's funny!

L

Les

Guest
Amazing!

The effort to which "phishers" will go in making their attempts at fraud
look very correct and official! But then it all falls apart.

Got one at my "alternative" e-mail account just now. Y'know, one of those accounts you set up with a whacky name so you can dump it when things get too crazy. A completely phony "person" who has never had a bank account, credit
card, or even bothered to be born.

Where it says "eBay logo" below was, indeed, a very nicely copied logo.

But then the text! Note the grammar and spelling...

If anyone reading this is inspired to do as they demand, please
don't. Instead, contact me at the e-mail address in my profile
and I'll send you instructions for wire-transferring $1,000 to
me personally. I can use it at least as much as sender and
would certainly appreciate it more. Besides, I use slightly
better grammar and spelling.....demonstrating my worthiness
and appreciation of your willingness to enrich my finances.


----[begin copy ]-----

eBay logo

eBay Member

As stated in the User Agreement, Section 41.1, we may send you this email.

We regret to inform you that your eBay account can be suspended if you do not solve your problems and you do not co-operate. After the multiple frauds registered lately, our company has initiated a study regarding this problem. In this study the company has reached the conclusion that most of the frauds were possible because of the low email service security level .

For a best deployment of our further activities (the frauds prevention) our company has decided to test for free the security of the email services that you (our users) use.

Hoping you have understood that we are doing all these for your own safety and for the good deployment of the relations between our company and its parteners we suggest
you to acces the following form to test your e-mail .


This problem is regarding any eBay member .

If you do not respond in 24h after you have received this eBay notice, your account might be closed and got out from our server .
So we ask you kindly to co-operate and let us know if you still use your account or not.
Please login into your account at this link:
http://signin.ebay.com/aw-cgi/eBayISAPI.dll?ItemsCancelation&ss=h:h:sin:US

If you have any other problems contact us.<P ID="signature">______________
lesahab.jpg
Due to underwhelming popular demand...</P>
 
I got one with just as bad grammar and worse spelling purporting to be from Citibank (of which i'm not an account holder). I get a "Paypal account suspension" once a week.

Just in case someone doesn't know, when you get one of these, do not divulge any personal information. Open a new window and log into your account and you'll be prompted if there's a problem. eBay and Paypal, at least, have addresses where you can report phising expeditions. ([email protected], [email protected])

















> Amazing!
>
> The effort to which "phishers" will go in making their
> attempts at fraud
> look very correct and official! But then it all falls
> apart.
>
> Got one at my "alternative" e-mail account just now.
> Y'know, one of those accounts you set up with a whacky name
> so you can dump it when things get too crazy. A completely
> phony "person" who has never had a bank account, credit
> card, or even bothered to be born.
>
> Where it says "eBay logo" below was, indeed, a very nicely
> copied logo.
>
> But then the text! Note the grammar and spelling...
>
> If anyone reading this is inspired to do as they demand,
> please
> don't. Instead, contact me at the e-mail address in my
> profile
> and I'll send you instructions for wire-transferring $1,000
> to
> me personally. I can use it at least as much as sender and
> would certainly appreciate it more. Besides, I use slightly
>
> better grammar and spelling.....demonstrating my worthiness
> and appreciation of your willingness to enrich my finances.
>
>
> ----[begin copy ]-----
>
> eBay logo
>
> eBay Member
>
> As stated in the User Agreement, Section 41.1, we may send
> you this email.
>
> We regret to inform you that your eBay account can be
> suspended if you do not solve your problems and you do not
> co-operate. After the multiple frauds registered lately, our
> company has initiated a study regarding this problem. In
> this study the company has reached the conclusion that most
> of the frauds were possible because of the low email service
> security level .
>
> For a best deployment of our further activities (the
> frauds prevention) our company has decided to test for free
> the security of the email services that you (our users) use.
>
>
> Hoping you have understood that we are doing all these
> for your own safety and for the good deployment of the
> relations between our company and its parteners we suggest
> you to acces the following form to test your e-mail .
>
>
> This problem is regarding any eBay member .
>
> If you do not respond in 24h after you have received this
> eBay notice, your account might be closed and got out from
> our server .
> So we ask you kindly to co-operate and let us know if you
> still use your account or not.
> Please login into your account at this link:
http://signin.> ebay.com/aw-cgi/eBayISAPI.dll?ItemsCancelation&ss=h:h:sin:US
>
>
> If you have any other problems contact us.
>
<P ID="signature">______________
"You can't say 'moron' on the radio, you can only say 'moron' on television"...FCC official on an episode of "The Fairly Oddparents" which my son watches</P>
 
Even if I got e-mail saying it's my bank, I'd know it's fake...

...because I don't do online banking. I use an amazing system that's been in place for years, known as "branches."
IMO, this is the best online fraud deterrent, since nobody at my bank would have my e-mail address.<P ID="signature">______________
"Oregon, welcome to California!" - Bob Barker
Moderator at <a target="_blank" href=http://freedomlist.com/>Freedomlist</a> (not radio related)</P>
 
I do do Online Banking...

and everything else that can possibly be done Electronically. Do you still write Checks at the Supermarket?

> ...because I don't do online banking. I use an amazing
> system that's been in place for years, known as "branches."
> IMO, this is the best online fraud deterrent, since nobody
> at my bank would have my e-mail address.
>
 
Re: I do do Online Banking...

> and everything else that can possibly be done
> Electronically. Do you still write Checks at the
> Supermarket?

As a stunt, yes. Writing checks for a $0.25 stick of gum.
 
Re: Even if I got e-mail saying it's my bank, I'd know it's fake...

> ...because I don't do online banking. I use an amazing
> system that's been in place for years, known as "branches."
> IMO, this is the best online fraud deterrent, since nobody
> at my bank would have my e-mail address.

Branches? They still have those? Do they still employ those cashiers who are so slow they didn't make the cut at Walmart?

There is an easy way to tell if an email from a bank is legitimate or not. Banks never email anything you didn't ask for, so if its from any bank and it wants information, it's phishing. They won't even email you information if you ASK them to.

You know what I can't figure out? Why do people worry about online fraud so much but think nothing of handing their card to a cashier at Home Depot? Seems to me offline fraud is easier than online fraud.

I don't mail things either. The US Postal Service doesn't encrypt my correspondence.
 
Re: Even if I got e-mail saying it's my bank, I'd know it's fake...

> You know what I can't figure out? Why do people worry about
> online fraud so much but think nothing of handing their card
> to a cashier at Home Depot? Seems to me offline fraud is
> easier than online fraud.

Because in order to use that card in person, they need to physically posess it....they don't. In order to use it online, they need the rest of your information...they don't. If I wanted to intercept your transmission or somehow otherwise obtain your info via a computer, chances are I'd grab all of the info necessary to do a non-swipe transaction.

> I don't mail things either. The US Postal Service doesn't
> encrypt my correspondence.

The postal service isn't aware of what's in your envelope. I would know, with absolute certainty, what data you're transmitting unlike an anonymous envelope.
 
> Just in case someone doesn't know, when you get one of
> these, do not divulge any personal information. Open a new
> window and log into your account and you'll be prompted if
> there's a problem. eBay and Paypal, at least, have addresses
> where you can report phising expeditions. ([email protected],
> [email protected])

I report a number of them every week to both of those addresses. I wonder if that really does anything? The auto-replies I get to those reports are obviously form letters, sent back almost immediately at times. Too soon for any "investigative" work to be done.

They must get an overwhelming amount of those reports every day, probably thousands. It's hard to believe that they would actually be able take the time and manpower to try to track down all the Phisher's domains and bust them to the "proper authorites", as it says on the auto-reply.

I'm guessing that the eBay/PayPal auto-replies to spoof reports are probably mainly just to make people feel better, and make it appear as if something is being done.
 
Re: Even if I got e-mail saying it's my bank, I'd know it's fake...

> > ...because I don't do online banking. I use an amazing
> > system that's been in place for years, known as "branches."
> > IMO, this is the best online fraud deterrent, since nobody
> > at my bank would have my e-mail address.
>
> Branches? They still have those? Do they still employ those
> cashiers who are so slow they didn't make the cut at Walmart?

Yes! Get away from huge conglomerates like Bank Of America and use a small neighborhood bank, if there are any left in your area. There are real tellers! And they're obviously trained better, because small local banks know that they have to provide better service in order to compete with the national Goliaths.

The small local bank I use has just a handful of branches in my area. They have on-line banking too, but I only use that to check my balance. I make all transactions in person.
 
Re: Even if I got e-mail saying it's my bank, I'd know it's fake...

> Yes! Get away from huge conglomerates like Bank Of America
> and use a small neighborhood bank, if there are any left in
> your area. There are real tellers! And they're obviously
> trained better, because small local banks know that they
> have to provide better service in order to compete with the
> national Goliaths.
>
> The small local bank I use has just a handful of branches in
> my area. They have on-line banking too, but I only use that
> to check my balance. I make all transactions in person.

Eh... personally, I like knowing that pretty much wherever I am there will be a branch or ATM available that can do my banking. The small banks can't offer that.<P ID="signature">______________
--Scott
Eastern NC & Raleigh/Greensboro Moderator</P>
 
Re: Even if I got e-mail saying it's my bank, I'd know it's fake...

>
> The small local bank I use has just a handful of branches in
> my area. They have on-line banking too, but I only use that
> to check my balance. I make all transactions in person.
>


Alas, many of these small banks tend to keep "banker's hours", and unless it's convenient to take time off work during business hours (or work non-standard hours) you never get a chance to do your banking. One advantage to the big banks is that many of them have branches in malls or supermarkets that are open 7 days a week, and extended hours. Lots more ATMs too.

I'd rather use a smaller, more personal bank but some of us lead hectic lives.
 
> Amazing!
>
> The effort to which "phishers" will go in making their
> attempts at fraud
> look very correct and official! But then it all falls
> apart.

http://pages.ebay.com/help/confidence/isgw-account-theft-spoof.html

http://web.archive.org/web/20041015162249/http://www.jellico.com/spoof.html

Good info about how to deal with those emails with spoofed addresses/headers
asking you to give personal info, etc. "Hey, why is Citibank asking for my
account number and password? I don't even have an account with them!" But
hey, if you did, and fell for it...

Often these guys operate overseas and you have no recourse if they use your
personal info to get your money, etc.
Follow the instructions (report spoofed header emails to
PayPal, EBay, etc.) and know the warning signs. The second site gives an
example of an email supposedly from Ebay which was really from someone in
Korea.

--
A couple sure indications it's a scam: just got an email with a mis-spelled
header:

PayPal Account Security Measuers

and it starts with
Your account has been randomly flagged in our system as a part of our
routine security measures.

--
The "you must verify your account" request
(asking for your password or CC number) is definitely a scam. Suppose your
"bank" emails you and asks for you to verify your passwords, etc. They won't
do it by email (or they shouldn't). Email the bank's
_real_ account people at the bank's official site, call them, or stop by (my
own bank is right here in town) and
tell them what you received.

And never, ever click the link in these emails. It will lead you to the
scammer's site, where the gullible will give personal info in a form
and get robbed of personal info! Instead go to the REAL Ebay/PayPal/bank
site if you must deal with them.
 
Fraud: Online or offline

JS: "You know what I can't figure out? Why do people worry about online fraud so much but think nothing of handing their card to a cashier at Home Depot? Seems to me offline fraud is easier than online fraud.."

SB:"Because in order to use that card in person, they need to physically posess it....they don't. In order to use it online, they need the rest of your information...they don't. If I wanted to intercept your transmission or somehow otherwise obtain your info via a computer, chances are I'd grab all of the info necessary to do a non-swipe transaction."

I understand. I just meant that when you hand the card to the cashier, he then knows your number and can sell the number or use it online to make a purchase. The only thing he need besides the number is name, address and phone and the 3 digit security code. The security code is on the back of the card, so the cashier has two out of three before you leave the store. Unless you've never been to that store, he probably already has your address and phone number. If not, it can be retrieved online.
Normally, that takes about 15 seconds. For really hard ones, it might take 15 minutes but that's about it. I'm preparing a lawsuit against a former client who lives in another state. You wouldn't believe how much information I've compiled on this rascal, all free and without leaving my home office. It was a little tricky because he uses an alias but I even got through that.

JS: "I don't mail things either. The US Postal Service doesn't encrypt my correspondence."
SB: "The postal service isn't aware of what's in your envelope. I would know, with absolute certainty, what data you're transmitting unlike an anonymous envelope."

It's not the USPS you have to worry about. I wouldn't have a clue how to unravel 128-bit encryption. I do know how to swipe snail mail and get your checking account routing number and account number. With that, draining your account is not that hard. Most people think a signature or some proof of ownership would be needed. Most people think wrong. That's why I use credit cards, but not debit cards. There's higher security associated with credit cards than with bank accounts.

Fortunately, its only a nuisance to the consumer. The bank would have to restore the funds unless you were really careless and failed to report it in a timely manner. Check your credit card and bank balances online. Often. Check your credit reports too. Otherwise, someone could be using your information to get their own cards and you won't know it until the unpaid balances get so big that the collection agencies start dunning you. If you check your credit report, you will know if there are unauthorized credit checks, a sure sign someone is trying to get credit in your name.
 
Re: Even if I got e-mail saying it's my bank, I'd know it's fake...

> > The small local bank I use has just a handful of branches in
> > my area. They have on-line banking too, but I only use that
> > to check my balance. I make all transactions in person.
>
> Alas, many of these small banks tend to keep "banker's
> hours", and unless it's convenient to take time off work
> during business hours (or work non-standard hours) you never
> get a chance to do your banking. One advantage to the big
> banks is that many of them have branches in malls or
> supermarkets that are open 7 days a week, and extended
> hours. Lots more ATMs too.

True, the branches of my bank all close weeknights by 5 PM (6 PM on Thursdays and Fridays), but they're also open on Saturdays 9 AM - 1 PM (one branch 'til 2 PM), which I've used often.

As for ATM's, my local bank is on the "SUM" network, and supposedly you can use any ATM on the "SUM" network anywhere, free of additional charges. I haven't tried it yet myself.

I used to use Fleet Bank Boston (which became part of Bank Of America), but the amount of sneaky hidden surcharges they used to sock me with was ridiculous. I couldn't always maintain a balance over their minimums or know to conform to all their other fine print stipulations in all other situations, and I don't want to help finance some bank president's Cadillac because of it. I've had no problems with any surcharges since switching to a local bank two years ago.
 
Status
This thread has been closed due to inactivity. You can create a new thread to discuss this topic.
Back
Top Bottom