Friday, March 25, 2005

Who is dumber, the phisher or the phished?

Getting personal information by "phishing" isn't new, but I've only recently received my first phising e-mail. It actually is a bit funny since whoever wrote it is pretty stupid. It's also a bit scary because I'm sure it has snagged more than a few folks. Here's the message, with some of my favorite bits highlighted:


Dear Bank of Oklahoma customer. Please read this message and follow it's [sic] instructions.

Unauthorized Account Access

We recently reviewed your account, and we suspect an unauthorized ATM based transaction on your account. Therefore as a preventive measure we have temporary limited your access to sensitive Bank of Oklahoma features.

To ensure that your account is not compromised please login to Bank of Oklahoma Internet Banking and Investing by clicking this link, verify your identify and your online accounts will be reactivated by our system.

To get started, please click the link below:

[link removed]

Important information from Bank of Oklahoma.

This e-mail contains information directly related to your account with us, other services to witch you have subscribed, and/or any application you may have submitted. Bank of Oklahoma and its service providers are committed to protecting your privacy and ask you to send sensitive account information through e-mail.

If your bank demonstrates its "commitment to protecting your privacy" by asking you to send sensitive account information via e-mail, you are being scammed or you are with the wrong bank.

While looking into this particular scam, I happened upon the Anti-phishing Workgoup, which has more info on the Bank of Oklahoma e-mail and many, many more.

No comments: