Sunday, April 5, 2009

A phishing they will go...

It really amazes me the lengths that people go to in order to trick others out of their personal information. I received two emails this week that particularly caught my attention. I receive SEVERAL each week into my hotmail account, but very rarely get them in my primary account. I got one in each place that made it through the spam filter. The one below came into my main email box.

I hope that most people realize their Visa issuer will not send them generic emails in this fashion. When I get an email from my credit card issuer, it’s got my full name in the “to” line and not something generic. I hate that people are getting more brazen and brave. I wish they’d take their efforts and put them into getting a real job and seeing what they can do to help people, instead of taking advantage of them.

I forwarded this information to as many people as I could think of because they may get one of these messages and not realize it’s a phishing email. I hope the perpetrators get caught and get what they deserve. I imagine that won’t happen and, even if it did, there’s always at least one more to take their place.

(I’ve removed my identifiable information from these headers. I also have not included the form that was attached. The URL was “verified by visa form” . html.)

Return-Path: <>
Received: from eastrmimpi02.XXX.XXX ([])
by eastrmmtai105.XXX.XXX
(InterMail vM. 201-2186-121-102-20070209) with ESMTP
id <>
for ; Sat, 4 Apr 2009 07:56:22 -0400
Received: from ([])
by eastrmimpi02.XXX.XXX with IMP
id bPwL1b01d2Qv3qg01PwM1o; Sat, 04 Apr 2009 07:56:22 -0400
X-VR-Score: 0.00
X-Authority-Analysis: v=1.0 c=1 a=GnhTxIRVG6QJIOr7idKpMQ==:17
a=jop_VESR05iyGlzHIlsA:9 a=1RcpP1xmiDxlEryT9qQA:7
a=SeKs_eTASxjgnToCNoHsR6W-beoA:4 a=9OHTkwyHC8cA:10 a=SSmOFEACAAAA:8
a=bVVtVm27AAAA:8 a=ccVNLSCbAAAA:8 a=Qf2MG-ogAAAA:8 a=0QZdYKZ1AAAA:8
a=Ux7c7p0NB33R9PTTsvoA:9 a=saLvWu0LzDqUiTBs28kA:7
a=z44ap0WFg60owMDhzafih4d7VqYA:4 a=AfD3MYMu9mQA:10 a=aVxzrZE88fZkthgT:21
X-CM-Score: 0.00
Received: from (localhost [])
by (SMTP Server) with ESMTP id 6FDB780000BA
for ; Sat, 4 Apr 2009 13:56:20 +0200 (CEST)
Received: from ( [])
by (SMTP Server) with ESMTP id 3B6CA80000AE
for ; Sat, 4 Apr 2009 13:56:20 +0200 (CEST)
Received: from ([] RDNS failed) by with Microsoft SMTPSVC(6.0.3790.3959);
Sat, 4 Apr 2009 13:56:19 +0200
From: Verified By Visa
Subject: You have one new message
Date: 04 Apr 2009 06:56:18 -0500
Message-ID: <>
MIME-Version: 1.0
Content-Type: multipart/mixed;
X-OriginalArrivalTime: 04 Apr 2009 11:56:19.0592 (UTC)

-----Original Message-----
From: Verified By Visa []
Sent: Saturday, April 04, 2009 6:56 AM
Subject: You have one new message

Dear Visa Card user,

In addition to our other ways of preventing, detecting, and resolving fraud, we offer Verified by Visa, a free, simple-to-use and free service that confirms your identity with an extra password when you make an online transaction.

Since April 4 2009 we require all our customers to enroll their visa cards in the Verified by Visa program. If you do not do so you will not be able to shop online with your visa card.

This is a reminder to activate the Verified by Visa feature for your card as soon as possible.

Please download the form attached to this email and open it in a web browser. Once opened, you will be provided with steps to activate the Verified by Visa feature.

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you. We apologize for any inconvenience.

Visa Inc.

One of my favorite phishing emails was from a poor dying lady who was desperately trying to get her fortune out of the hands of crooked politicians and all I needed to do was ..... you know - the usual crap. Another recent one I received was from the Federal Bureau of Investigation for the Local Police Department. I got a good laugh from that. Of course, most of the ones I get are poor grammar, bad punctuation, misspelled words, extra spaces between words (or none at all), and a general sense of "urgency" and "secrecy" lest anything be found out. I must proceed with the greatest of caution and not talk to anyone except the email author.

I wonder if this is a 9-to-5 job, where all these folks go clock in somewhere and then sit down at computers to write out their scam. It might go something like this...

"Oh, hiya Joe. What you got going today?"
"Nuthin much. Just got some Visa warnings, inheritance messages, money laundering, and FBI notifications to send. How 'bout you?"
"Same here. I think I have some sucker... I mean lucky individual in the states waiting on some money they 'forgot' they inherited."
"I bet they'll be so excited to hear from you. Let's compare notes after lunch and maybe we can help each other out."
"Yeah, too bad we don't have a proof-reader or technical writer on staff though. Just think how much better our assignments would sound."

Or, something like that.

1 comment:

ellie said...

Wow... i got one of these today too. When i googled the email address i didn't find anything except your post. So thanks for verifying my suspicions! And what a coincidence... we live very close to each other!