Masthead
One of my photos

Nice try

February 7th, 2009 · Posted by Skuds in Technology · 1 Comment · Technology

A couple of spam/phishing-related tales.  Amongst today’s haul of junk mail I received this, apparently from “BT Connect Customer Service <info0009@btconnect.com>”:

Dear Esteemed Customers,
Due to management problems, your btconnect email will have to be verified by our customer service department due to large amount of spam complains.
Please verify your accounts by sending the following information or your accounts will be closed.

Full Names:
Login Name:
Password:
Country:

THANK YOU FOR YOUR COOPERATION.
BTCONNECT CUSTOMER SERVICE

Where do I start?This is a tad more plausible than some phishing emails.  It purports to come from a sensible email address rather than some name like “Hilton.Q.Warthog” as some do, and the btconnect.com domain is indeed registered by BT Connect. It is not asking you to log into a website but to reply to this valid-looking address instead.  So why didn’t I fall for it?

  • I am not a BT Connect customer – that is a dead giveaway
  • Look at the post headers, or even just hit reply, and you find the REPLY-TO address is a hotmail address.  Not the preferred type of account for a big company, especially not one that is an Internet provider.
  • I have more than one e-mail account and recived this several times.   I don’t have multiple accounts as an anti-phishing measure but that is a bonus feature.  Even if a totally genuine-looking email came from a company that I do have an account with there is a chance I would get a couple of copies which would show it to be a fraud.
  • Whoever wrote this probably does not have English as a first language, and certainly not British English. Example “due to large amount of spam complains.”
  • Don’t British companies tend to have ‘customer services’ departments and not ‘customer service’ departments?
  • Anyone at all familiar with customer service attitudes in the UK would be suspicious at being addressed as ‘dear esteemed customer’

The clincher, of course, is that no company in its right mind will ever write or phone and ask for  login and password details.  I may be over-suspicious and cynical about such things, to the extent that even when I get mails from my bank that are addressed to my proper email account, use my proper name, and have valid-looking links I do not use the links – I log into the bank using my own shortcuts. Better safe than sorry.

Anyway: 4/10 for this effort.  Nice try.

If all fraud attempts were so transparent we would have nothing to worry about, but it appears that crooks are getting more clever and putting in the effort to cross over into the real world with their online antics.  Just read this story for the details.

Quite a brilliant scam.  The crooks set up a website that looks like a parking fine website where you have to download some little toolbar to see their own vehicle – but in doing so they download a trojan.  The trojan acts a bit like the Antivirus 2009 scam, throwing up virus alert messages and directing you to a site where you have to pay to get the virus removed.

To get people to login to this site there is no e-mail or dodgy link.  The address is printed on a fake parking ticket that someone goes out and puts on car windshields. It is an interesting development because it is a physical rather than a technical escalation.

This is a lot more labour-intensive than an email scam where you can send millions out with one button-push.  Somebody has to physically go out and do it.  They must have decided that the hit-rate would be significantly higher than with email to make it worth the trouble and risk.

Tags: ··

One Comment so far ↓

  • skud's sister

    And there are enough people out there who park badly they can’t be sure that they haven’t violated some rules at some point…