I got an email this morning claiming to be from Citibank, asking me to go to a web page and enter my account/PIN “for verification”. Being on the internet a while, as soon as I saw the subject line I realize it’s a scam. But it still wouldn’t have taken Sherlock Holmes to figure this one out.
It’s riddled with misspellings, probably to get past my Bayesian spam filter (which it did).
The URL is an obvious mislead, looking like it goes to citibank.com but going to something like citi-card.com
Banks NEVER send out emails like this
I don’t have any accounts with Citibank.
What pisses me off though is that are many people out there not so internet-savvy, like my mom, who might be fooled by this shit. I forwarded it to her, and pointed out it’s a scam, so I know she’s learning, but it worries me.
Fuck you scammers, fuck you with a rusty meat hook in the urethra.
Yeah, I did forward a copy to postmaster@citibank.com. With some luck, maybe this person didn’t cover his/her tracks well enough and will get caught. Probably unlikely, but you never know.
Heh. I just recently got 2 emails claiming to be from my ISP–one claiming my credit card number had been lost and I needed to click the link in the email to re-enter it so my access wouldn’t be cut off; and one claiming that my account had been broken into and the password changed, but they’d changed it back to allow me access, but they recommended I click on the link in the email to change it. Both links were disguised to look like earthlink URLs (one had a www.earthlink at the beginning but with that @ sign in the middle that signals it’s a big fake; I don’t remember what the other one was); both had hotmail addies as the return address and the reply-to address of the email.
Are people really stupid enough to think an ISP will use hotmail addresses?
Are people really stupid enough to think that in order to change their ISP password that they have to enter their name, address, login name, credit card number, PIN, that 3 digit security code from the back of the credit card, phone number and a whole bunch of other stuff (I clicked that link just to see what the scam was–there was other info it asked for too, but I don’t remember the rest of it)? When I change my password, I type in the ISP’s URL manually and then go to the password change page; all it asks for is my login name, old password and new password.
I got one of those earthlink ones yesterday, too. It was actually very well done — they matched the color and logo scheme of most earthlink correspondence, and there were no typos or bad grammar.
I didn’t bother to check the button; I just forwarded a copy of it to fraud@earthlink.net.
I got that Earthlink scam yesterday too. The site it sends you to doesn’t have a domain name, just an IP address. It appears to be hosted in South Korea.
I’ve been getting a lot of eBay and PayPal scam letters, all of them wanting me to click on a link and re-enter my information…ummmmmm, no, I don’t THINK so.
I’ve continually get the spam emails, even with the filters on. I’ve gotten the EBay ones–and I’ve never had an account there. I keep getting ones for prescription drugs on the internet. Every once in a while I get the -way- porno ones (ICK!); the perps of these spam seem to have found a loophole in many filters by “disguising” the subjects of the mail with 1’s replacing l’s or even i’s in some cases (i.e., pen1s). The ones I get the most, though, are those Nigerian scam ones; I’ve also gotten them from Ghana, South Africa and even the Philippines. Will the authorities ever be able to put an end to this crap?! GAH!
Hey, how about putting in fake CC#s and passwords to waste their time? It might not do anything, but it’s kind of fun imagining them trying to figure it out, perhaps thinking that you just made a single typo somewhere. It’s, uh, therapeutic
I just got the South African diamond mine one last week. For a small fee (bullshit), I can share in whatever profits come from the mine. If I had had a horseshit detector wired into my computer, that e-mail would have pegged the meter, then broken it.
I’ve also gotten ones for enlarging breast sizes…too bad I’m a guy. Penis enlargements are yet another common type of spam I get in the bulk mail folder. I feel like replying to those ads, "As it is, mine is so long, I have to look out for shutting doors, people walking, rocking chairs, etc., so I don’t think I’ll be needing your product’. Idiots.
And for reasons beyond me, some people seem to think I’ll waste my money on a Paris Hilton sex tape. I’ve got better things to do with my money, like save up for that root canal I’d enjoy more than a Paris Hilton sex tape…
The Earthlink fakers have been busy – I’ve something like five so far in 2004 alone.
They HAVE been getting better, they now spoof the source address so as to make it look on a plain mail-reader like OE like it came from an EL addy. But if you care to waste about ten seconds opening the message source code and/or tracking path, they’re busted.
The eBay/PayPal-ers, though, just plain don’t get that a legit business of that magnitude would NOT spell-spoof its own name…
