[Spambayes] Exceptionally well-done identity-theft spam

Avi Jacobson avi-j at pacbell.net
Mon Dec 29 19:53:51 EST 2003

Hi, Tim et al.

>[Avi Jacobson]
>> I wonder whether this is not the face of things to come --
>> reliable-looking links to reliable-looking websites, where the HREF
>> actually points elsewhere.
>For identity-theft scam spam, almost certainly -- they have to trick you
>into revealing personal info you wouldn't normally pass out.  But if what
>you got after clicking on the link was, e.g., an offer to cut your mortgage
>rate, or to enlarge part of your anatomy, I expect the response rate would
>be too low to repay the costs.  After all, the initial sales msg flat-out
>lied to you then, and the percentage of people eager to get fleeced a
>time has got to approach 0.

Yes, I was referring to the identity-theft scams. I have seen similar tricks
before -- for example, one scammer registered a domain that was something
like Yahoobilling.com and then proceeded to send an email to <random
string>@yahoo.com asking Yahoo subscribers to visit a Web page on that
domain by clicking a link, and to provide their Yahoo name and password on
that (bogus) site. That particular scam was a little more obvious than this
new one because (a) the domain name displayed in the link was not identical
to the real (yahoo.com) domain name of the purported sender (whereas the
fake-PayPal spam actually displays a paypal.com URL); the graphics on the
Yahoobilling scam were fake and noticeably different from the real Yahoo
ones (whereas the fake-PayPal page actually points to real PayPal graphics
on PayPal's server). This PayPal scam is the first time I've seen either of
these improvements.

Best regards,
Avi Jacobson

More information about the Spambayes mailing list