Daily Archives: January 15th, 2011

Phishers of men

Holy carp! These phishermen are master baiters!

Musical interlude for this post: Fishers of Men by Rhonda Vincent.

Something amusing has happened at work. Twice. It made me chortle.

It all started when we got locked out of our Amazon.com merchant account. For a couple of days there, we couldn’t get inside our own online store!

It turned out that the boss had fallen for a phishing attempt. Wow. I don’t think I’ve ever personally known anyone who’s accomplished that before. Literally.

In case you’ve been living under a rock, phishing is the act of attempting to steal usernames, passwords and other personal information via email (and other means) masquerading as official communications. The goal is to lure victims to web sites that look official but were only designed to get people to enter their username and password for popular web sites, such as banks, eBay, Amazon, World of Warcraft, etc. These industrious phishers leave no stone unturned.

In the good old days, phishing was laughably easy to detect because it was so poorly composed, contained errors, and would contain many examples of Engrish, like, “All your base are belong to us.”

Here’s an example of a poorly written phishing attempt:

Dear Customer, your aion account suspected fraud. Will be cancel within 24 hours. Fraud Evidence: many times in the game using the game chat function induced to provide the game to deceive the other players offer accounts and passwords.

If you do not fraud, as soon as possible to verify your account login http://www.worldofwarcraft.com.

Blizzard Customer Service Separtment.

“Aion?” I can’t even begin to guess. 🙂

Come on now. Let’s be serious for a moment. If you received something written like that for your Bank of America checking account and you fall for it, you don’t really deserve to own your own money, do you?

Lately, however, these phishermen have ramped up their game. As usual, there is money on the line, and it has proven cost effective for them to improve their English grammar and create emails that look more like the real thing. The one I saw recently looked extremely well-written, professional, and contained no obvious errors of any kind. They did a really good job.

BTW, I struggled with the word “phishermen” here and the word “men” in the title, too. It’s not gender friendly, in my opinion, and something I generally try to avoid. But “phisherpersons” doesn’t roll off the tongue in quite the same way. So for now I guess I’m stuck with it. My apologies.

In other words, if you fail to remain vigilant and on your toes, even those of us who are already well aware that phishing exists may still get taken in. Like my boss.

Yes, the boss fell for a phishing attempt and gave up the username and password for our Amazon.com merchant account. The phishing email had a compelling psychological comment that turned out to be an effective lever on the boss. It said that our selling privileges on Amazon.com had been suspended because of negative feedback. Boy, did they know what lever to pull on him! You can bet your ass the boss fell for that one and clicked the fake link faster than you can say, “Please, take our money. Here, take it!”

Surprise. The next morning we couldn’t log into our Amazon.com account. It turns out that once they have your login information, the very first thing the bad people do is change your password to lock you out of your own account. Good times.

Two days later Amazon.com sorted out the mess for us and restored our access. We changed our passwords and all is well.

The interesting thing here is that the boss is supposed to be a tech-savvy kind of guy, yet he still fell for it.

Cue the entrance of Boy Wonder. This is a guy I’ve never met who is partnered with the boss. He lives somewhere across the country. He’s supposed to be some kind of tech genius, literally a boy wonder of the online world. He sits at the right hand of the boss in the first chair position while my meager IT knowledge and skills are relegated to second fiddle.

You can guess what happened next, right?

Yup. A couple weeks later, Boy Wonder fell for that same phishing email, too! Even better, he didn’t realize it, even after he gave up our usernames and passwords. He had no clue.

At first we thought we were safe, because Boy Wonder said he never clicked any links in the phishing email. If true, that means we avoided exposure.

Turns out though, that Boy Wonder, thinking he was being clever and safe, had copied the links and pasted them in his browser.

The boss had to break the bad news to him. That’s exactly the same thing as clicking the link! The act of copy/paste does absolutely nothing to provide safety, especially when you are taken to a fake web site and then happily pound in our secure account information.

There are two very important aspects of phishing that you can remember to protect yourself.

  1. Links can be spoofed. By that, I mean that the way they appear visually may not be where they will really take you. For example, a link that says, “Amazon.com” could just as easily take you to the “StealAllMyMoney.com” web site. The only way to know for sure is to mouse over the link and find the real destination that is displayed somewhere else on your screen.
  2. Make sure you are on the genuine URL. Period. ebay.com is decidedly not the same as support-ebay.com. And that’s how they get you, by inventing a new domain name that looks and sounds legitimate. Most likely there is no such thing as marketplace-amazon.com, either. Make sure you are on the one and only official domain name or stop everything.
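Both checks in that list can be applied mechanically to an HTML email before anyone clicks or pastes anything. The following is an added example in Python, not code from the original post; it assumes a constructed sample message and a hypothetical allow-list of trusted domains, and it uses a crude "last two labels" rule in place of the Public Suffix List.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Hypothetical allow-list of the sites this reader actually has accounts on.
TRUSTED_DOMAINS = {"amazon.com", "ebay.com", "worldofwarcraft.com"}
# Matches link text that itself looks like a domain or URL, e.g. "Amazon.com".
DOMAIN_RE = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})/?$", re.I)

class _LinkCollector(HTMLParser):
    """Collect (visible text, href) pairs for every <a> in the message."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def registrable_domain(host):
    """'www.amazon.com' -> 'amazon.com'. Crude: real code uses the Public Suffix List."""
    return ".".join(host.lower().split(".")[-2:])

def is_trusted(host):
    # 'support-ebay.com' and 'marketplace-amazon.com' are separate registrable
    # domains, so they do not match 'ebay.com' or 'amazon.com'.
    return registrable_domain(host) in TRUSTED_DOMAINS

def audit_links(html):
    """Return (text, href, verdict) per link: spoofed-link-text, lookalike-domain or ok."""
    collector = _LinkCollector()
    collector.feed(html)
    findings = []
    for text, href in collector.links:
        host = urlsplit(href).hostname or ""
        shown = DOMAIN_RE.match(text)
        if shown and registrable_domain(shown.group(1)) != registrable_domain(host):
            verdict = "spoofed-link-text"      # aspect 1: text says one site, href goes elsewhere
        elif not is_trusted(host):
            verdict = "lookalike-domain"       # aspect 2: not the one official domain
        else:
            verdict = "ok"
        findings.append((text, href, verdict))
    return findings

# Constructed sample modelled on the "selling privileges suspended" lure.
SAMPLE_EMAIL = """<p>Your selling privileges have been suspended due to negative feedback.</p>
<a href="http://marketplace-amazon.com/seller/login">Amazon.com</a>
<a href="https://www.amazon.com/gp/help">https://www.amazon.com/</a>
<a href="http://support-ebay.com/verify">Click here to verify</a>"""
```

Pasting a link into the address bar skips none of this: the verdict depends only on the href, which is exactly what gets pasted.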

I have never fallen for a phishing attempt in my life. At my job that now makes me unique. I guess you could say I’m an endangered species. I will admit, however, that a couple attempts have been so good they made me look twice. But I was so suspicious they eventually failed. Eat that, suckers!

Let’s be careful out there, people! The reason phishing attempts continue, just like spam, is exceedingly simple. It’s because they work on some of the people some of the time. As long as that remains true, we’ll always have phishing and spam. Apparently somewhere in America is at least one more person who still wants to buy cheap pharmaceuticals online. Therefore the spam continues. They continue because it works and puts money in their pockets.