Now This Is Inspired

Uncle AndrewUncle Andrew
Filed under: @ 9:09 pm

Ebay Phish

I found this in my Inbox Monday morning. You can click on the image for a larger view, if you’re so inclined.

It’s a phishing scam, of course, but a really well-designed one. This is the first time I have seen a scam email that actually looked like it came from the organization it purports to represent. On top of that, the angle isโ€”well, it’s quite effective. As an experiment in social engineering, it’s a compelling wrinkle. Lots and lots of people have eBay accounts, and while I don’t use mine very often, I think people are predisposed to treat it as the online community it pretty much is, even if this particular example is not. If I got a–legitimate–message from someone wanting to buy an item I was not in fact selling, I’d be tempted to sign on and let that person know that they were mistaken….or at least to check if someone else’s auction had somehow gotten added to my account.

As usual, the thing that most obviously twigged me to the spurious nature of the communique–beyond the blatantly un-Ebay-like URLs that populated it from stem to stern–was the horrible English. Why is a person who is skilled enough to fabricate such a truly convincing-looking official corporate communication not also savvy enough to find a fluent English speaker to write his email copy for him? I don’t think these people spend enough time dealing with this sort of thing themselves to realize just how dopey their efforts appear to the victim. How the perpetrators of these schemes continually manage to miss that crucial little detail is beyond me. On the other hand, the concept of blindly clicking on a hyperlink in an unsolicited email and doing whatever the little voices on the other side of the series of tubes tell me to do is also beyond me. Perhaps I am setting the bar too high. After all, it costs just about the same to send this sort of thinig to a million potential victims as it does to send it to one; you don’t need a high rate of response to make your ROI.

Anyways, I thought this was a notably clever scam, so I figured I’d mention it here, both as a warning to the uninitiated and as a tip O’ the hat to inventive bottom-feeding pond-scum Information Superhighwaymen everywhere. Kudos, and get bent! The scammers, that is; not you. ๐Ÿ˜›

4 Responses to “Now This Is Inspired”

  1. Tony Lenzer Says:

    No, No Andrew…you wrong. Bill Volkan from small place call Pa, in Ukraine. Not such good inglish teached in school.

  2. Uncle Andrew Says:

    *Snicker* Okay, that was pretty cute. ๐Ÿ˜€

  3. Valerie Says:

    Dude. I got one of these the other day. It was asking me about international shipping on a piece of jewelry I had for sale. The problem is, I don’t have a piece of jewelry for sale. I buy one or two things a year from ebay, and I never have sold anything. I alerted the ebay security folks about it, but never heard back from them. Not that I expected to, mind you, but a little tip of the hat that I was a good girl by recognizing the scam would have been nice. No, instead I get a little email from ebay all about how to recognize phishing scams. Um, wasn’t that what I just did? Sigh.

  4. Uncle Andrew Says:

    Yeah, but can you imagine how many letters they’d have to send out congratulating people on catching scams? Between them and Washington Mutual they must account for half the scam-related traffic on the InterTubes.

Leave a Reply

All comments containing hyperlinks are held for approval, so don't worry if your comment doesn't show up immediately. (I'm not editing for content, just weeding out the more obvious comment spam.)

All portions of this site are © Andrew Lenzer, all rights reserved, unless otherwise noted.