Thursday, June 30, 2005

I caught a Phish THIS BIG!

Wow, this is one the best phishing scam emails I have seen to date. I almost fell for it. I'm pretty wise when it comes to rooting out scams. Most of them have poor grammar or say, Dear eBay Member or Dear eBay User

It seems the majority of phishers also have a problem with the word: information. Most phishing emails say something to the affect:

Dear eBay User,

We noticed recently that your eBay informations are out of order. Please visit the link below soon or your account might be suspended

Thank You,
The Ebay Team
Safe Harbor

[inserted type that appears to look like an ebay link, but is actually a picture of letters masking a hidden URL]

So - what does this have to do with Macs? Well, 99% of the stuff I sell on eBay are Apple parts. Also, the Apple category has a high number of fraudulent auctions versus the rest of eBay - mostly due to the average end cost of Macs versus PCs.

This email is especially clever because it appears that the all the links (except for the respond now link) are actual eBay links. This email uses eBay's own servers to serve the pictures.

I was able to get the following string of related online entities associated:

None of these services have viable contact information - but each has a very well done website. Some of the phone numbers available for these sites answer, but give a run around or just hang up.

Interesting that these sites have not been updated in a long time and the majority of them don't have easy to find contact information. (Some of the sites have 2002 copyrights on them)

[Update] I was able to get in contact with by dialing 1 866 467 8929 - an "executive manager" named Cassandra asked me to email their legal department about my issue. I expressed that I had already done so and gotten no response. She turned on the offensive, and started to berate me for not knowing what I was talking about. I dismissed the insults to inform her that the phone number (mentioned above) gives a circle of waiting cues. She defended this saying that it my statements were inaccurate. (I had called into this system 4 times.) She continued to tell me that I needed to inform legal by using the proper email address. I expressed that I had done so. She proceeds to tell me she IS the legal counsel and that she has received no such emails. (I had sent 4 over the past two weeks) She failed to answer why she couldn't address my issue while I had her on the phone.

I proceeded to ask her if she was aware about the association of the websites as mentioned above. She stated that was part of their business and was a domain name registrar for their company. When I asked her to confirm if she knew of 352Hosting, she hung up.

There's something really odd about the graphic below for A PowerBook G3 is out in the middle of the water??? Why? Could this be a subliminal "phishing scam" logo? Phish/Fish? Or is that just the conspiracy theorist in me talking?

The mind of a criminal really works like it does in the comics. I honestly think this is a subliminal message about this site being a phishing scam host. Take another example; Jack Campbell is often accused of being a pathological liar. He used to have a BLOG called TECHNICALLYTRUE.BLOGSPOT.COM that discussed tech issues. Is this a subliminal message that he knows he's a liar?

I am seeing a pattern amongst the hosting industry. They claim they are interested in the security and privacy of their users, yet they won't assist people in the simplest of ways with, at the very least, investigating claims such as mine.

Readers, please be careful. These scams are getting more and more clever by the day. Your best bet is to go to the websites individually and never click on a link in an email.

[Update] A friend informed me that eBay has a phishing scam alert section in place. eBay will now notify you by their alery system and by their onsite message system if something is wrong. Before you list an item for sale or confirm a purchas, a screen will show that alerts you to any problems with your ebay account.

No comments: