I Hate Phishing

Photo by alex_lee2001 on Flickr used under Creative Commons

I’m fired up this morning. The email account we use for this blog is a target for spam, which is expected when you include an address on your site. I totally get that.

I routinely see 1-5 spam emails a day and occasionally, a phishing one.

I’m really not sure why the PayPal phishing email I saw today irritated me so much. I think it’s because the phishers are using fear as a motivator, e.g. the phrase “in order to prevent the use of the banking system in terrorist and other illegal activity,” which loosely translates to “if you don’t update your PayPal information, the terrorists win.”

It’s one thing to run a 419 scam that plays on greed, but I loathe the manipulation of fear or kindness in schemes like this.

Anyway, here’s the note, minus the bogus links. I forwarded it to PayPal’s anti-phishing account.

Dear valued PayPal® Customer,

Due to recent fraudulent transactions, we have issued the following security requirements.

It has come to our attention that 98% of all fraudulent transactions are caused by members using stolen credit cards to purchase or sell non existant items. Thus we require our members to add a Debit/Check card to their billing records as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. Your Debit/Check card will only be used to identify you. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the PayPal® service. However, failure to confirm your records will result in your account suspension.

We are requesting this information to verify and protect your identity. Federal regulations require all financial institutions to obtain, verify, and record identification from all persons opening new accounts or obtaining ongoing payment services. This is in order to prevent the use of the banking system in terrorist and other illegal activity. For these reasons, PayPal® will utilize services provided by various credit reporting agencies to verify the information you submit to us.

Once you have updated your account records your pending PayPal® account transactions will not be interrupted and will continue as normal.

To update your billing records please proceed to our secure webform by clicking here.

Thank you for your time,
PayPal® Billing Department.

AboutJake

a.k.a.:jkuramot

5 comments

  1. You're not seriously defending phishing I hope. I wouldn't call scare tactics incentive, more like deterrent. My system works for this, but at its core, phishing plays on human emotions and takes advantage of n00bs. I use my powers for good.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.