I don’t know about you, but I’ve had at least half a dozen copies of this rubbish in the past week:
with a screensaver file attached!
Oh yes, .scr files, they are mighty secure. And of course Paypal is going to ask me to enter my personal details into an application like that, by sending out emails with strings of random fucking characters in them. Yes, sounds kosher to me.
Obviously I haven’t run the application myself, but I found a man who did. Ha! It gets better. “Please provide us with your correct PIN number so we are avle to cross check your credit card with your bank account”. Oh, and lets have your CVV number as well. Y’know, the secret fucking code that is only available if you have the sodding card right in front of you?
Hell yeah, how about I tell you my momma’s inside-leg measurement too?
Jeez. Idiots. Who falls for this crap?
<sidetrack>
Oh yeah - the same people that fell for a very similar scam by people pretending to be my bank. Thanks to the idiots entering their PINs and passwords into a phony site, my bank felt the need to take their whole online banking site down for many hours! Thus inconveniencing everyone, including those of us with half an ounce of fucking sense.
</sidetrack>
Sadly, plenty of dumbasses fall for this kind of thing. Even sadder is that a substantial subset of those dumbasses will fall for BOTH the virus-lzaden attachment, AND the password-harvesting scheme.
I had the hardest time last spring convincing a guy at work that there is NO Teddy Bear virus. The teddy bear icon is a PROGRAM in his computer that is supposed to be there! And Norton and MacAffee don’t indentify it because it is NOT a virus.
Sheesh, I just hope he read and sent on all the info I sent him from Nortons site about it.
Hell needs a level just for the maggots that send those hoaxes out!
Well this one was pretty obvious. Hmm . . . if I don’t take some time from my busy day my PayPal account will expire? Well, then, let it expire and the hell with 'em, is what I thought.
Then I thought again, only this time what I thought was: Another scam!
So no, I didn’t fall for it–although I might have, it was almost believable.
The really bad one was when Microsoft kept sending me “patches” for the “virus problem.” My husband said, “Oh, I’m sure it’s okay–it’s from Microsoft, they always send updates.”
They don’t, they don’t, they don’t. He only said that because we got this particular scam message about 110 times.
I feel bad for those who fell for this, but they are not stupid. They fell for something that was designed to look legit, like all scams.
What I don’t understand is why so many people spend all this time and effort to do something illegal, when with the same investment of time, effort, and applied smarts, they could make as much money legitimately.
What’s really fun is the new, unpatched security vulnerability that allows URLs to display in the addressbar and statusbar as, for example, www.paypal.com, when in fact they’re using some ASCII chars to hose IE’s URL parsing system. Note that I don’t speak of the old, tired www.paypal.com:blah@blah.com thing, but the one that actually makes www.paypal.com appear. Quite nasty.
I’ve been getting the paypal scam every day for the last 6 weeks on an email address that isn’t associated with my paypal account. I just forward them to spoof@paypal.com. It doesn’t seem to change anything, but now it is a test of wills between me and them…
“Phishing” (i.e. spam designed to trick you into revealing your online account details) is like all spam. It is not targeted, it’s fired out to any email account possible. So you can get this scam, and those like it, on any email address, even if you don’t have any online account of any description at all.
I’ve received 2 eBay ones this year. The site they took me too was a very slick mockup of the eBay site. It was only when I saw all the stuff they were asking that my spider-sense started to tingle. I checked the eBay site for a link to their Security Center, which is when I found out that these scams are fairly common.
A partner in my law office got suckered in by one of those and spent the better part of his summer on the phone with Citibank trying to straighten it all out. So it’s not necessarily stupid people that fall for it.
