![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
jim_pMany of us have received bogus emails from time to time from various providers that we use, asking us to "update our information" by typing in our name and password. I've gotten several, for instance, purporting to be from eBay (usually right after I've bid on something). Usually I just send them on to the appropriate abuse address and let that be that.
This one I have to tell you about, though, because it's gotta be the ballsiest one I've seen to date. It claims to come from "Antifraud department frauds@authorizenet.com". The message begins:
Attention! In our global system of monitoring there was a technical failure.
In avoidance of frauds with your credit card enter the full data for
authorization, otherwise your credit card will be frozen during 10 day.
The compound-fractured grammar should be a tip-off right then and there. The message also included some verbage cut-and-pasted from authorize.net's website, in real English this time.
What was fun was the information they asked for, in a convenient web form with a "Submit" button. They ask for:
The only thing is, I don't know if they really truly expected to collect this information and use it, or if they were just trolling to create a list of "People So Stupid They'll Fall For Anything" and sell that to spammers? Or both?
This one I have to tell you about, though, because it's gotta be the ballsiest one I've seen to date. It claims to come from "Antifraud department frauds@authorizenet.com". The message begins:
Attention! In our global system of monitoring there was a technical failure.
In avoidance of frauds with your credit card enter the full data for
authorization, otherwise your credit card will be frozen during 10 day.
The compound-fractured grammar should be a tip-off right then and there. The message also included some verbage cut-and-pasted from authorize.net's website, in real English this time.
What was fun was the information they asked for, in a convenient web form with a "Submit" button. They ask for:
- First Name
- Last Name
- Date of Birth
- Social Security Number
- Mother's Maiden Name
- Alternative Password
- Full name on Credit Card
- Card type
- Card Number
- Expiry date [sic]
- CVV2 code:
- ATM PIN
- Credit Card Billing Address
- Phone Number
- Fax Number
The only thing is, I don't know if they really truly expected to collect this information and use it, or if they were just trolling to create a list of "People So Stupid They'll Fall For Anything" and sell that to spammers? Or both?
