Monday, 10 February 2014

Dissecting a phishing scam email

Check out out this email I received today from a friend whose email account has evidently been hijacked:
"Hello,

How are you doing? I am sorry for reaching you rather too late due to the situation of things right now..I'm stranded in Manila(Philippines) and had my bag stolen from me with my passport, mobile phone and personal effects therein. It was a terrible experience for me thank God the embassy has just issued me a temporary passport but I have to pay for a ticket and settle my hotel bills with the Manager before leaving.

I have made contact with my bank but it would take me 3-5 working days to access funds in my account, the bad news is my flight will be leaving very soon and but i am having problems settling the hotel bills. Please let me know if i can count on you i promise to refund the money back as soon as i get back home

Regards,

Dianne"

The smelly details that aren't quite right:
1) "Hello" - only that, not my name? of course, that makes for easy mass mailing to lots of people on Dianne's email log. The whole lack of detail in the message (no hotel named, no dates, etc) is too deliberately vague.
2) "How are you doing?" That's a rather calm tone for the story that follows.
3) "... due to the situation of things ..." Dianne is more literate than that. Lack of other punctuation looks rather suspicious for someone who is a communications professional.
4) If she was in contact with the Embassy then she would also have been in contact with family who certainly could have provided assistance. Besides, I would be surprised if Dianne would travel alone.

In fact Gmail spotted the scam attempt too and there was a big red warning banner across the message. Even the computer knows better. So, sorry "Dianne", I won't be sending any money today.

4 comments:

Michael James said...

That's a pretty good attempt. There were a number of signs that this email is a fraud as you point out, but I could certainly see this working on some non-trivial fraction of people.

CanadianInvestor said...

MJ, it must be my suspicious, skeptical nature; sometimes a hindrance, but sometimes helpful.

Here's a blog post suggestion for you Michael - maybe the world needs a common sense version of public key cryptography? I had thought of emailing "Dianne" back to ask a question whose answer only she and I would likely know.

Michael James said...

What you describe is usually called a challenge and response. I've used a variant of it that could be considered similar to encryption. When telling my wife one of my passwords over the phone, I said, "the first letter is the third letter of your younger sister's middle name, ...".

Tyler Jackson said...
This comment has been removed by a blog administrator.

Wikinvest Wire

Economic Calendar


 Powered by Forex Pros - The Forex Trading Portal.