I’m no longer surprised by the evil cleverness of phishers and scammers, but this just arrived in my mailbox, addressed to someone not-me, supposedly from “BBB <lisa@lakewood-manufacturing.co>”. The first clue that something was afoot was the message, *above an elaborate HTML display*, that said, “Your email does not support HTML. To see this message, click here.”
Below was the Better Business Bureau logo and the phrase, “Start with Trust.” Here’s the body of the message (I have removed 4 links, all of which don’t go to where you expect):
Googling for some of the specific phrases like the case number or “Anni Kobsch” was not fruitful, so the scammer is generating it on the fly. Note the tortured Nigerian-English in the message.
At the REAL BBB site (scroll to the bottom) is a list of scams and this one is called “Top Scam of The Year!”
They say, “Clicking on the link or attachment downloads malware that finds your bank info and transfers money.” Sweet.
I imagine, once installed in your computer, it looks for anything that can be connected with finance. Oddly, just before I got that email, I had accessed my bank account online, and I wonder if anything was left in RAM or in a cache or history somewhere that might lead them to the bank and possibly the account login info.
I’m not worried because I didn’t fall for it, but it’s a sobering thought that I came that close.
A lot of money management programs can be set up to automatically connect to your bank and download your transaction record. Makes the programs very convenient to use but it could be a security problem here.
That’s the whole point of the malware. If you entered your bank name, number or password EVER in your computer, it might still be there, stored in plaintext, or easily decoded, either in RAM or in a file, possibly a browser work file. That’s what it’s looking for.
It’s a lot like someone emailing you a bogus story and when you say it’s just an old urban legend, they say, indignantly, “But it was checked by snopes!”
“How do you know?”
“Because it says, right here at the end, ‘Checked by snopes!’!”
The malware is typically a key-logger and some code that watches your internet activity. When you log into your online banking it captures your userid and password and sends them to a server the bad guys control. They then log into your online banking and empty your account.
Another version will install an invisible plugin into your browser to steal the session cookie created when you log into your account. The bad guys then use the cookie to create a duplicate session and empty your account.
Somebody call Axel Foley. He’s from the Council of Better Business Bureau Affairs Special Taskforce Bureau Department of Extraordinary…er…Councils, that’s what he’s from and if you want to take it up with them that’s your problem, man, but I wouldn’t recommend it because these people don’t fuck around when it comes to people like you wasting their time with pointless calls now OPEN THE EMAIL.
Whoa! Isn’t that a weird way to end a business email? I don’t know this Anni person and I don’t think I want them to be faithfully mine. Is this what you use if you are having an office affair? This alone would make me delete the email with disgust.
My aunt sent me one of those once. It had a picture with some (rather stupid) words on a sign someone was holding*****. The email said ‘Checked by snopes’, but I didn’t believe it, so I checked snopes. They had the exact same picture, except the words on the sign were mocking people for not checking snopes. I downloaded the picture and emailed it back to her.
***** I don’t remember what it was about, or I’d have included more details.
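An added example, not part of the thread or any poster's code: the two clues the first post describes (a "BBB" display name on a non-BBB address, and links that do not go where their text says) can be checked mechanically on a mail gateway or in triage. The `bbb.org` allow-list, the function names and the sample HTML are assumptions constructed for illustration, and the link check is a heuristic.

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: brand keyword -> domains that brand really sends mail from.
BRAND_DOMAINS = {"bbb": {"bbb.org"}}
# Constructed sample body (the real message is not reproduced on the page).
SAMPLE_HTML = ('<a href="http://203.0.113.7/c.php">www.bbb.org/complaint</a> '
               '<a href="https://www.bbb.org/">BBB home</a>')

def _under(host, domains):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def sender_mismatch(from_header):
    """Return the brand claimed in the display name if the address is off-domain."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    for brand, domains in BRAND_DOMAINS.items():
        if re.search(rf"\b{re.escape(brand)}\b", name, re.I) and not _under(domain, domains):
            return brand
    return None

class _Links(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def deceptive_links(html):
    """Return links whose visible text names a host the href does not lead to."""
    parser = _Links()
    parser.feed(html)
    flagged = []
    for text, href in parser.links:
        shown = re.search(r"((?:[a-z0-9-]+\.)+[a-z]{2,})", text, re.I)
        host = urlparse(href).hostname or ""
        if shown and not _under(host, {re.sub(r"^www\.", "", shown.group(1).lower())}):
            flagged.append((text, href))
    return flagged
```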