Phishing anyone?

    Yesterday my Spam folder on G-mail contained a message purportedly from the Fulton Bank (where I do happen to have an account) The text looked a bit amateurish, full of subtle errors (awkward wording, failed word-wrap, etc. Still, the Bank’s legitimate site itself has provided not one but two Xanga Posts on today’s modern on-line duh-less-ness.
1) They loudly trumpeted
“Less Clicks!!” as the thrilling feature of some page make-over: Well, I think you learn in third grade that countables are ‘fewer’ and pourable shit like…um… Stupidity can be either More! or Less!
2) No sooner had they clicked that campaign off into the cyber-trashcan then here comes a ‘typical’ photo of a ‘typical’ happy customer on their new Banner: a black fellow, kinda pudgy,
holding his cute li’l daughter. Problem was, you moused-over the pix and saw a pop-up of the
(in-house?) name-tag: mother and daughter(!)

Ok, so on that shaky background I was ready to accept a not-ready-for-prime-time email.

Take a quick look at the thing, and decide whether you might have fallen for it. Try to pretend
you’re me, a guy who grew up trusting everyone, and who was taught to do what the suit-coats say, even if it is kinda unintelligible.

But I’m growed-up now so this time I did the following:
1) Tried to sign into my Fulton account, using the shortcut I have on my very own Desktop….and got a weird half-rendered torn-up page I’ve never seen before telling me my account may have been locked. It wanted my user-name, about which I modestly kept silent at that point and clicked out…

2) Google searched ‘Fulton Bank spam email‘ something like that. One of the first results took me right back to the bogus(?) sign-in page I’d just escaped! Major plot-thickening-ness.
Cup of coffee, then:

3) Searched the supposed link hypertexted into the suspect email, and bingo, a report from the UK of the identical message and link. From a couple years ago. The poster,a volunteer who I assume never even heard of Fulton Bank luckily pointed out that the link was ‘spoofed’. Now I was doubly glad I hadn’t dreamed of clicking on it.
4) Back to G-mail and my Spam Files. I mouse-over-ed the link and ‘Print-Screen-ed the display. Sure enough, the greasy dirtball had stuck the real name of the dirty target down there where the wary could easily see it. Guess I ain’t wary. I hadn’t noticed the discrepancy, even though I usually do check when folks link to stuff with only the words ‘go here’ and ‘there’.
Anyway, the point of this public service post is..um.. be warned.

 
And maybe it’s instructive to reveal a bit of my own naivety once in a while. A Safe Surf, and

Happy Rosh Hashanah tomorrow/ JS

Advertisements

8 thoughts on “Phishing anyone?

  1. chromepoet

    You would kill because the guy used less instead of fewer. That seems a bit rash. On second thought. Go for it. How much thought does it take to keep less and few in they’re proper places? 😉 Actually, the less and few mistakes make me crazy, more so than the “their” error I lampooned. I voted for our current governor, shame on me, because his opponent’s slogan was “More Taxes means Less Jobs”. We are the species that loves patterns and our most elegant pattern is language. Use it or lose it – lose it and join the elephantine order of whacking, yapping pundits, political and economic, who spew steaming syntactical inanities to rationalize every calamity with partisan, finger-pointing whimsy; spewing fact lacking phantasmic frenzy in an idiotic litany gobbled daily and nightly by raving rain afraid turkeys.ta da

    Reply
  2. jsolberg

    @chromepoet – Ta da indeed! Befitting the data condensed into your turgid prose. (hoping ‘turgid’ is a compliment) I’m struggling to understand from whence cometh my deep elitist division of fellow mankind into the pile what uses language carefully and creatively versus the lame beasts. Not an altogether skewed litmus test, I suppose.The fraudulent email was fun to critique; its errors are subtle but jarring once identified. And yeah, Death to Mike New or Mi Knew; we may never know

    Reply
  3. scifiknitter

    That message follows a familiar pattern. One of my tasks at work is to repeatedly remind fellow employees to not be stupid and click on links that are going to ask them for personal information, or for the keys to the kingdom, AKA NetIDs and passwords.I would not call you gullible. You didn’t click on the link.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s