231 Erwin Road

My experiences as a Northern transplant down in Chapel Hill, NC, 2005. And now my experiences back up in NYC.

Sunday, May 15, 2005

I fell right into it

I just got a phishing email and I feel for it, luckily, Google Gmail stopped me, just another reason I love their service.

If you don't know what phishing is, it's basically a fake email in disguise of a legitimate service. In my case it was eBay asking me to update my Credit Card info. The reason I fell for it is that I know my CC info is out of date on eBay, so I figured this was a reminder.

Gmail removed all the hyperlinks out of the email and put a little red note at the top that this email is probably a scam:
Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information. Learn more
I didn't even notice that though, but thought it was funny that none of the URL's were hyperlinkable. So I copied the legit URL, http://ebay.com/.... to find out that it was a broken URL. I went back to the email and noticed the red box. I then realized I was scammed, and I'm supposed to be on top of these things. I looked at the source code and noticed that the email takes me to http://ebay.is.dreaming.org.

Thanks Google for once again helping to save my life.

4 Comments:

  • At 5/16/2005 10:59 AM, Blogger Milo in Manhattan said…

    That ebay message has been making the rounds. I keep receiving it at my work addie and thats how I know it is a fake. What info account has an ebay account? not mine!

     
  • At 5/16/2005 11:17 PM, Blogger Roonie said…

    There are a lot of tell-tale signs that an e-mail is bunk. First of all, it won't address you by name. Second of all, it'll ask you to update your records for no good reason at all. Third, if you hover over the link it sends in the e-mail, you'll see it won't link directly to the site it claims; it'll either give you the bunk address or some really, really long address that couldn't possibly be legit. Oh, and by the way, always report that shit. Lots of companies have an abuse address, like spoof@paypal.com, for instance. It'll help stop the phish from swimming around.

    Come on, now, Vin-naaaaay!

     
  • At 5/17/2005 1:29 AM, Blogger Vincent said…

    You didn't read my post closely.

    Second of all, it'll ask you to update your records for no good reason at all.
    I said how my CC card recently expired and I thought this was a reminder, funny timing.

    Third, if you hover over the link it sends in the e-mail, you'll see it won't link directly to the site it claims.
    Google removed the hyperlink so that I couldn't click though. That's why I'm saying google saved me. I probably would have noticed either when hovering over the site or when looking at the URL in the new window, but at least Google saved me from getting to that point.

    As for the name, it didn't have my name. But being that my gmail address is firstname.lastname, it woudln't be hard for a script to guess.


    Why is everybody harping on me about this?

     
  • At 5/20/2005 5:58 PM, Blogger Roonie said…

    Because, dear Vincent, we expect more of your computer geekness than to fall prey to phishing.

     

Post a Comment

<< Home