A lazy and amusing phishing attempt

Scams on the Internet never cease to amaze me.  Some of them are sophisticated, some subtle, and some are just downright absurd.babelfish

I’d recently discovered a mailbox that I had left unattended for several years.  It had no anti-spam tool monitoring it, so it was mostly filled with really obvious spam messages and phishing attempts – email scams where people try to fool you into putting in your financial information into a site that looks like a legitimate banking site.

I found this message particularly amusing and thought I would share:

western_union

The email wants me to believe that Bank of America is giving me $30,000 in a lottery I never signed up for, never identifies me by name, and wants me to become a Western Union “Active Member.” (The message was sent in 2007, otherwise the Bank of the America reference would clearly be even less believable.)  All I have to do is send $400 to a Western Union in Phoenix, Arizona.  Phoenix isn’t even the corporate headquarters for Western Union.  Couldn’t they have thought of something more clever than that?  It seems pretty lazy.  It made me wonder how many people might have actually fallen for it.

Meanwhile, Microsoft recently published a study showing that the public estimates of losses due to phishing may be over-exaggerated by as much as a factor of 50.  In fact, most phishers may ultimately become victims themselves.  In the study, the researchers concluded that:

One explanation of the thriving trade in phishing-related services … is that phishers with more experience prey upon those with less. That is, those who have tried phishing and found it unprofitable or marginally profitable find it better to sell services to those who haven’t reached that conclusion yet.

So the big fish eat the little fish, just like in the sea.  Nice.

UPDATE:

I just took a peek at the Western Union website.  Maybe this type of scam is more prevalent than I thought.  Front and center on their online transfers page is a very clear and stern warning:

Protect Yourself from Fraud Don’t Send Money

  • To someone who you don’t know
  • To claim lottery or prize winnings
  • Based on a promise to receive a large amount of money
  • Because you were "guaranteed" a credit card or loan
  • In response to an Internet or phone offer that you aren’t sure is honest

It’s really surprising that people actually need to be warned that they shouldn’t send money to claim a lottery or prize winnings.

[Microsoft Phishing Study c/o InformationWeek]


One Response to “A lazy and amusing phishing attempt”

  1. Phishing scams are the biggest waste to society… they’re at the bottom of the barrel, next to metal thieves and those guys that run “begging for money” operations in India and China.