We have all seen common paypal, ebay and bank phishing e-mails. What is the "best", "most believable", or "funny" phishing e-mail you have received?

Sorry, I don't collect spam/scam-emails.

{QUOTE-> We have all seen common paypal, ebay and bank phishing e-mails. What is the "best", "most believable", or "funny" phishing e-mail you have received? <-QUOTE}The scariest I've seen was one that redirected you to the REAL bank site (after going through the phishing site), yet on the real site was included an element from the scam site, probably as to read from the cookie when something was typed in the real site. I think it had something to do with the fact that the parameters which were then passed to a javascript element on the bank site were unsanitized http post parameters, so the scam site was able to manipulate it as to modify the page presented to the user on the fly. It was quite an ugly accomplishment, because the web address showed in the browser was the real bank IP, so there was no way to tell without analyzing each HTTP element called on the page (I used Odysseus to analyze the thing, a tool designed to act as a "man in the middle" to see the content of each http request). The phishing site was taken down incredibly fast, though, I don't think it lasted more than a couple of hours. I hope the bank fixed their site.

Without a doubt the funniest was one from Internet Bank wanting me to update my info. Internet Bank, what a hoot. You have to wonder how dumb some people can be.

I also get a kick out of the 419 emails. www.scamorama.com has provided quite a few good laughs, from people who scam these guys right back.

{QUOTE-> Without a doubt the funniest was one from Internet Bank wanting me to update my info. Internet Bank, what a hoot. You have to wonder how dumb some people can be. <-QUOTE}If you think that's dumb, you should have seen the one received by one of co-workers; it listed like six or seven different banks and it said "if your bank is [bank name], click here", "if your bank is [name], click here", and so on... all in the same e-mail. :D

A phishing email with a beg BEWARE warning at the top (to warn you of phishing emails).

Well I don't know about the best but here is the worst...

http://forum.starmen.net/?t=msg&th=19897

{QUOTE-> Here is the story ..Me and one of my friends , Steven , got into this fake hotmail business, also known as "phishing", way way back when we were in the 8th grade. We are now juniors. What we would do (if you don't know) is have our friends (and sometimes people we wouldnt call our friends) sign in to a bogus hotmail page that would send us their password to our emails. We did this to my neighor Chay , whom at the time was one of our best friends and also an old member of starmen.net , participating mainly in the mailbag.He laughed when we fooled around with him and then he too started phishing.Well it lasted a couple weeks and soon us 8th graders were ready for something else exciting. We would altogether forget about our phishing and move on with life...Well 3 years later my old buddy Chay gets a lawsuit from Microsoft for 4 million dollars if he cannot reach a 5000 dollar settlement by Jan 31st 5 p.m. eastern time. Violations of the Lanham Act and fraud. 1 million dollars for using the MSN butterfly symbol. 1 millions dollars for using the MSN logo. 1 million dollars for using the Hotmail logo. 1 million dollars for using the Passport.Net logo. 1 million dollars for using the Microsoft logo. He was pretty bummed..although he lauged at the fact hes actually getting sued by the biggest corporation in the world. Would we react the same way? I can't say..but I do feel sorry for him. I hope me and Steven are safe and do not get caught. Anyways just want to warn some of you people..Microsoft will catch you! Stay away from rishabdara.com (I believe this is the place...) <-QUOTE}

If you think that's dumb, you should have seen the one received by one of co-workers; it listed like six or seven different banks and it said "if your bank is [bank name], click here", "if your bank is [name], click here", and so on... all in the same e-mail.

lol!

the biggest scam was "free credit report" email, there was a link and the website had no content but asked for

to process your free credit report we need the following..

name:
homr address:
phone number:
location:
age:
sex:
creditcard info:
social security#:
bank account#:

I bs'd it to see what i'd get if i clicked continue.. all i got was "thank you.. your report is being processed."

@ TNT

Lately I have been receiving emails from Paypal but I don´t even have an account. The link will also sent me to the real paypal.com site, but I think it´s very strange ::), this is the mail:

Dear PayPal User,

We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address. If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. However, if you did not initiate the log ins, please visit PayPal as soon as possible to update your account:

https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run

Changing your password is a security measure that will ensure that you are the only person with access to the account.

Thanks for your patience as we work together to protect your account.

Sincerely,
PayPal

{QUOTE-> @ TNT

Lately I have been receiving emails from Paypal but I don´t even have an account. The link will also sent me to the real paypal.com site, but I think it´s very strange ::), this is the mail

https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run <-QUOTE}

Hmmm... are you reading this mail in html or plain text? If HTML, have you checked the source?

Any email from "Paypal" is a scam.
Paypal doesn't send any emails. They sometimes ask to verify your data, but that happens only on their website, after logging in.

@micrate, Are you sure they didn't send you followers? :D

Yo, folks, if you are curious about phish emails, and want to open them in order to read them ... DON'T!! Best to just remain curious; curiosity killed the cat.

Acadia

{QUOTE-> If you think that's dumb, you should have seen the one received by one of co-workers; it listed like six or seven different banks and it said "if your bank is [bank name], click here", "if your bank is [name], click here", and so on... all in the same e-mail. :D <-QUOTE}

Oh my god, this is one bad phishing..... :o

{QUOTE->
Lately I have been receiving emails from Paypal but I don´t even have an account. The link will also sent me to the real paypal.com site, but I think it´s very strange ::)

https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run
<-QUOTE}

I would personally check the underlying URL next time because the underlying URL needs not match what is displayed.

{QUOTE-> Yo, folks, if you are curious about phish emails, and want to open them in order to read them ... DON'T!! Best to just remain curious; curiosity killed the cat.

Acadia <-QUOTE}

VERY sound advice indeed.

If I were doing a phishing site, I'd have a WMF in the email that went out, and one on the site - just in case people went there. It wouldn't be a standard WMF either... one of those "special" ones :D

Don't think you're safe, just because you don't key in your data.

Back on topic, the scariest phishing email I received wasn't actually a phishing email. It was from a third party company (marketing) hired by the bank to contact their clients about some offer or other. One of the links was damaged and went to a poorly rendered login screen (for the mail reporting system)

Extremely careful checking revealed it to be harmless - but it does go to show the damage that can be done - you just cannot tell on a visual inspection and you never know when a new exploit will be discovered.

Always go to sites of high value by typing in the URL - it may be a bit of a PITA, but it's the safest way.

{QUOTE-> Yo, folks, if you are curious about phish emails, and want to open them in order to read them ... DON'T!! Best to just remain curious; curiosity killed the cat.

Acadia <-QUOTE}
That's what I call GOOD advice.
In fact, I'm doing this with all my spam-emails, although not everybody agrees with me at Wilders.
Most of these emails have a seducing subject title and that makes people curious to open them and that's where all the trouble starts.
Even opening spam-emails can be a trigger to do something bad in your computer. That's what they told me at SWI.
Is it really worth to read all that nonsense and get it trouble or make these scammers/spammers richer, than they already are ? Not me.
Somebody who steals my email-address is a thief and doesn't deserve my attention. :)

{QUOTE-> Yo, folks, if you are curious about phish emails, and want to open them in order to read them ... DON'T!! Best to just remain curious; curiosity killed the cat.

Acadia <-QUOTE}

Really? What do you think will happen if you accidently open it?

You telling me you never ever opened any spam mail before?

{QUOTE-> Really? What do you think will happen if you accidently open it?

You telling me you never ever opened any spam mail before? <-QUOTE}

Depends who's sending the spam.

Maybe you just executed a nice wmf-exploited file :)
Maybe you just validated your email address and will get more
Maybe nothing.

Maybe you found a great price on vi@gra, much better than your normal supplier :D

Hi,
I have no friends, so I don't get any mails. And I do, they are erased automatically ... hihihihi
Mrk

{QUOTE-> Hi,
I have no friends, so I don't get any mails. And I do, they are erased automatically ... hihihihi
Mrk <-QUOTE}
Right. Even my so called "internet friends" were spammers in the past.
Each time, they found something interesting for them, I got an email from them as if I was interested too. Pffft.

{QUOTE-> Depends who's sending the spam.

Maybe you just executed a nice wmf-exploited file :)
Maybe you just validated your email address and will get more
Maybe nothing.

Maybe you found a great price on vi@gra, much better than your normal supplier :D <-QUOTE}

Most likely nothing. And if you know what you are doing 99.9999% nothing.

Validated your email? In txt mode? That will be a nice trick. You can even get away with reading in html mode, if you know what you are doing.

WMF exploit file? There's a patch you know. Sure there's no 100% protection and you never know if there' some zero day exploit that zaps your email client but so what? Are you going to live in fear because of that? Then you might as well stop web surfing as well, you never know if some reputable site is going to get compromised.

My point is if you are going to live in fear of accidently opening some spam email, you might as well drop the idea of using email at all. Because it will happen one day.

Besides i'm certain everyone in this thread even those who advocate not opening spam, have done it before. And they are all still here....

Mike in your line of work you receive emails from new sources ,say people seeking support for online armor. Do you live in fear that some of them might actually be spammers trying to trick you? :)

A subject that says "Online Armor questions", could actually be spam or some exploit. Does that stop you from opening emails?

Also Is it really your position that users who are protected by every trick in the book, including online armor, shouldn't open spam at all because they are not protected and are at great risk at being compromised if they open spam mail?

I'm sure the customers of Online Armor would be really disappointed to hear that....

{QUOTE-> Hi,
I have no friends, so I don't get any mails. And I do, they are erased automatically ... hihihihi
Mrk <-QUOTE}

Indeed, best way not to accidently open spam, don't do email at all.

For the record, i'm not saying people should open every spam email and start doing hours of research to prove that the phishing and cons are exactly what they are.

If it quacks like a duck...

I'm against this overblown fear of opening such emails,

"for god's sake, whatever you do, please do not open it at all, DELETE AND IGNORE or bad things will happen".

Either it will do some unspeakable evil to your computer and install some malware, or validate your email, or worse (since no software can protect you from your own foolishnees) the words itself will brainwash you into believing all the crap making you lose your money.

Unspeakable evil indeed, that you should avoid glancing at even once..

I suspect everyone in this thread is far smarter than believing in such simplistic advise of course, for one thing everyone here seems to have read these emails that they tell everyone else not to read!

They see this email from such unknown source, the subject looks like it might be legimate, or it might not be. I bet almost everyone here ,even though who advocate delete and ignore, will open it. And even if it was not legimate, they would just shrug.

However I can imagine some less experienced person who is told to FEAR all email that looks fishy, would just delete it, which is really unnecessary.

Or someone who accidently opens some spam, goes in a state of panic because he thinks he is doomed because he has broken the rule....

devilsadvocate,
We IGNORE/DELETERS of spam-emails, just don't take any unnecessary risks. That's all.
If you like to open and read spam-emails, go ahead, I don't have any problems with that.
Just like you shouldn't have any problems with those who IGNORE and DELETE their spam-emails.
It's a personal decision and much safer than opening and reading spam-emails and there is no doubt about that. :)

{QUOTE-> devilsadvocate,
We IGNORE/DELETERS of spam-emails, just don't take any unnecessary risks.
<-QUOTE}

Except when you do *decide* to open them to read then the risk is necessary.... :)


{QUOTE->
That's all.
If you like to open and read spam-emails, go ahead, I don't have any problems with that.
<-QUOTE}

Nah, I dont enjoy opening and reading spam email. I just don't shake in my boots like you do, when i accidently open one. I understand how emails work, so they don't feel me dread like they do you.

{QUOTE->
Just like you shouldn't have any problems with those who IGNORE and DELETE their spam-emails.
<-QUOTE}

I have no problems with people who say one thing (ignore and delete) to newbies and yet when it comes to themselves have no problems with opening, reading and researching spam emails :)

Really, no problems at all...


{QUOTE->
It's a personal decision and much safer than opening and reading spam-emails and there is no doubt about that. :) <-QUOTE}

It's also a personal decision that disconnecting your computer is safer then turning it on and there is no doubt about that. :)

The thing about the PayPal mail is that it redirects you to the real site, didn´t you all notice that? So is this some kind of advanced scam or what? ???

Yes I noticed that and I was a bit surprised by that too, but I never login this way.
This is the right login page for PayPal :
https://www.paypal.com

Any other login page, like this one, is suspicious to me :
https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run
I can't say for sure if this login page is a scam or not. Too technical for me,
but the url is longer than it is supposed to be.

The fact that you received this email, without being a member of PayPal is already suspicous and as far as I know, PayPal doesn't send any emails.
I and many others, received alot of scam-emails from "PayPal" (the fake one), but I never touched them and PayPal warns their members for these emails on their website.

The best way to know this for sure, is sending a copy of this email to PayPal and ask for explanation.
Personally, I consider this as a scam until the opposite is proven.

{QUOTE-> Mike in your line of work you receive emails from new sources ,say people seeking support for online armor. Do you live in fear that some of them might actually be spammers trying to trick you? :) <-QUOTE}

I receive several hundred emails per day - a distressing proportion of them are spam. If it's obviously spam, I don't open it - but not because of any fear - just because spam shits me, and I don't have the time to read it anyway. I don't use spam filtering because some of the mails I receive would definitely be gobbled up by it.

{QUOTE->
A subject that says "Online Armor questions", could actually be spam or some exploit. Does that stop you from opening emails? <-QUOTE}

Yes, I suppose it could. But, no, it does not stop me from opening emails.

{QUOTE->
Also Is it really your position that users who are protected by every trick in the book, including online armor, shouldn't open spam at all because they are not protected and are at great risk at being compromised if they open spam mail?

I'm sure the customers of Online Armor would be really disappointed to hear that.... <-QUOTE}

Is it really your position that average, inexperienced users who don't know what they are doing should open every email they receive and double click on any attachments that might be present? Oh, wait... that's not what *you* said either ;D

What I said was that Acacdia's advice to not open email you know is spam (and, that could also include in my mind any form of junk email) is very sound advice, and I stand by that. I did not say you should be afraid, and I did not say people were at great risk, regardless of what software they run.

Just received one from "Paypal".


From: PayPal Service [costumer@bank.com]
Sent: Wednesday, 25 January 2006 3:03 PM
To: xzy @ hotmail.com
Subject: ALERT

hxxp://pics.ebay.com/aw/pics/spacer.gif<hxxp://pics.ebay.com/aw/pics/spacer.gif>

Information provided below will be transmitted via a secure socket layer connection !

________________________________

<hxxp://www.paypalobjects.com/en_US/i/header/hpPrivacy_shopwoutsharing_563x115.jpg>

hxxp://pics.ebay.com/aw/pics/spacer.gif<hxxp://pics.ebay.com/aw/pics/spacer.gif>
<hxxp://pics.ebay.com/aw/pics/sitewide/leftLine_16x3.gif> Dear valued customer <hxxp://pages.ebay.com/help/new/signin.html> hxxp://pics.ebay.com/aw/pics/spacer.gif<hxxp://pics.ebay.com/aw/pics/spacer.gif> Need Help? <hxxp://pages.ebay.com/help/new/signin.html> hxxp://pics.ebay.com/aw/pics/spacer.gif<hxxp://pics.ebay.com/aw/pics/spacer.gif>
hxxp://pics.ebay.com/aw/pics/spacer.gif<hxxp://pics.ebay.com/aw/pics/spacer.gif>


We regret to inform you that your PayPal account could be suspended if you don't re-update your account information. To resolve this problems please click here <hxxp://bunjeria.de.dd12412.kasserver.com/image/paypal.com/update/> and re-enter your account information. If your problems could not be resolved your account will be suspended for a period of 1-2 days, after this period your account will be terminated. For the User Agreement, Section 9, we may immediately issue a warning, temporarily suspend, indefinitely suspend or terminate your membership and refuse to provide our services to you if we believe that your actions may cause financial loss or legal liability for you, our users or us. We may also take these actions if we are unable to verify or authenticate any information you provide to us. Due to the suspension of this account, please be advised you are prohibited from using PayPal in any way. This includes the registering of a new account. Please note that this suspension does not relieve you of your agreed-upon obligation to pay any fees you may owe to PayPal.

Regards,
The PayPal Team
________________________________


Cheers ;D

And the cheeky bugga's sent me a follow up, hmmmm must get on to that asap ;) ;D


From: PayPal Service [costumer@bank.com]
Sent: Wednesday, 25 January 2006 5:35 PM
To: xyz @ hotmail.com
Subject: Second Notice

<hxxps://www.paypal.com/en_US/i/logo/paypal_logo.gif>

SECOND NOTICE

Dear PayPal Member,

We were unable to process your last two billing transactions and your account is now past due. To ensure that your service is not interrupted, please update your billing information today by clicking here <hxxp://bullingnjeri.de/paypal.com/update/> . Or call PayPal Member Services toll-free at 1-205-383-2916. We're available 24 hours a day, 7 days a week.

If you have recently updated your billing information, please disregard this message as we are processing the changes you have made.

Sincerely,
PayPal Service
_____________



Cheers ;D

{QUOTE-> Any other login page, like this one, is suspicious to me :
https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run
I can't say for sure if this login page is a scam or not. <-QUOTE}Unless they hacked the Paypal server (which I doubt), that URL can't be a scam, because it IS on Paypal. Nevertheless, the e-mail certainly is phishing. That's why (unless of course I'm proven wrong) I am almost sure the e-mail was sent in HTML and the real URL that you can see in the mail html source is actually different (most phishing uses this really "low expertise" technique).

{QUOTE-> Any email from "Paypal" is a scam.
Paypal doesn't send any emails. They sometimes ask to verify your data, but that happens only on their website, after logging in. <-QUOTE}Not correct, they do actually send legitimate email to ask for verification when setting up a new account or asking for you to read and accept change in policy.

Cheers ;D

{QUOTE-> Not correct, they do actually send legitimate email to ask for verification when setting up a new account or asking for you to read and accept change in policy.

Cheers ;D <-QUOTE}
OK. I can't remember any email like that, but you are most probably right.
Personally, it's not important for me, because I don't really use my PayPal account anymore, because I stopped playing on free lottos and it only contains a small amount of my winnings, which I will probably spend on software, that can be paid via PayPal and not visa card.
If you are right Blackspear, I'm the first one to admit it. :)

:) {QUOTE-> Unless they hacked the Paypal server (which I doubt), that URL can't be a scam, because it IS on Paypal. Nevertheless, the e-mail certainly is phishing. That's why (unless of course I'm proven wrong) I am almost sure the e-mail was sent in HTML and the real URL that you can see in the mail html source is actually different (most phishing uses this really "low expertise" technique). <-QUOTE}
Possible, but I'm not an expert in these matters.
I have built a bunch of rules to protect myself and I always use my personal website address to visit PayPal, anything else looks suspicious to me.
Internet & real money is already a bad combination enough, so I don't fool around with urls.
I wouldn't be surprised when you click on such url on an email that you are directed to a fake website with some nifty dirty trick.
I don't know what is technically possible. So that url is suspicious for me until the opposite is proven and activating PayPal via an email is not a very smart habit. :)

{QUOTE-> I receive several hundred emails per day - a distressing proportion of them are spam. If it's obviously spam, I don't open it - but not because of any fear - just because spam shits me, and I don't have the time to read it anyway. <-QUOTE}

That's what I thought. But there are others who *do* fear opening spam even accidently yelling DELETE AND IGNORE as if it is taboo. And they are using your statements as endorsements for that stance.


{QUOTE->
What I said was that Acacdia's advice to not open email you know is spam (and, that could also include in my mind any form of junk email) is very sound advice, and I stand by that. I did not say you should be afraid, and I did not say people were at great risk, regardless of what software they run. <-QUOTE}

Aracdia said curiousity killed the cat, which would imply that he fears opening them because it might 'kill' him, a surprising statement to make.

You don't fear opening spam. So what are you saying? I would appreciate you spelling out why you think it is sound advise. You apparantly don't think it's a big risk. Is it merely because it is a waste of time?

If so, I have no problems with this view. I'm against the view that you should delete and ignore all spam mail just because it's so damn dangerous to even gaze at one, because you might be dumb enough to fall for it even if nothing bad happens to your computer!

{QUOTE-> You don't fear opening spam. So what are you saying? I would appreciate you spelling out why you think it is sound advise. You apparantly don't think it's a big risk. Is it merely because it is a waste of time?

If so, I have no problems with this view. I'm against the view that you should delete and ignore all spam mail just because it's so damn dangerous to even gaze at one, because you might be dumb enough to fall for it even if nothing bad happens to your computer! <-QUOTE}

My reason for not opening spam is pure disinterest and laziness. I don't want their products, I won't support their activities. I may even get into ANTI spam products one day.

I think the advice is sound for a number of fairly obvious reasons -

1) The average computer user does NOT understand what they are doing. They don't know the consequences of their action. If you say it's safe to view spam, what happens if they miscategorise a virus as spam and think it's safe to open.

2) The guys who are doing phishing, spamming and so on are cunning. There is BIG money involved in Phishing, Spyware, spamming - it's organised and criminal. Todays email may just contain a silly little image. Tomorrow could be a WMF exploit. Who knows what is the day after?

I'm not saying that you should run away and cry like an 8 year old girl if you accidentally open a spam email - but why take the risk - no matter how small. Sometimes it's easier to have simple, basic rules to follow.

Simple rule - don't point guns at people, you may accidentally kill them.

Do you ever point a gun at anyone, and pull the trigger - even one you KNOW is not loaded?

Simple rule - don't open dodgy email, it might contain a nasty. All you may be missing out on is an advertisement for crap you don't want, and more of the same emails if your address is validated.