Ooooh! I got a fraud alert from Chase!

[thewayne]

Dear Valued Customer,


During our usual security enhancement protocol, we observed multiple login attempt errors while login in to
your online banking account.

We have believe that someone other than you is trying to access your account for security reasons, we have temporarily suspend your account and your access to online banking and will be restricted if you fail to
update.

* * * * *

I didn't discard the email out of hand. While we don't do any checking/savings/credit card with Chase, Russet's Subaru from the elk crash last year is financed through them, so I had to open it.

Yep, spam.

Love the spacing! Unfortunately you can't see the multiple internal spaces between words, like you can't see that the Dear Valued Customer is not lined up with the rest of the verbiage. I particularly loved the "during our usual security enhancement protocol" and "errors while login in to" and "We have believe". And 'we believe someone is trying to access my account for security reasons'? They're going to improve your security, or my security, or what? The second paragraph is a complete mess.

Of course, the email address of (at)Frontier.com was a complete giveaway. They don't even make a decent attempt at hiding their domains anymore!

I don't think they completed their Financial Spam Email 201 course.

Comments

[rain_gryphon]

Nobody puts any effort into these anymore. I have to conclude that they're getting satisfactory results at such an incredibly low level of English competence that there's no need to do any better. It's sad.

[thewayne]

Yeah, they must be getting enough ROI on the lowest hanging fruit that they don't have to invest in better craftsmanship anymore. I read once that if dubious product spammers get 1% return on an junk email campaign, they make a profit.  And I'm sure they do.

[moxie_man]

Why invest in better craftsmanship when the basic American idiot knows all customer service has been outsourced overseas, so the English in "genuine" warning emails won't be any better.

[silveradept]

I mean, the way I understand it, they're really just looking to find someone too naïve and or too distracted to notice what's happening, at least for most spam. It is entertaining to see how bad it can get, though.

[moonhare]

‘Tis the Season!

[draconis]

And what's really sad is that crafting hard-to-detect phishing emails is relatively simple.

I did one a few years ago as part of an official exercise for Cyber Security Month at my company. Using nothing but publicly-available information and images, in about an hour I crafted one that even the CyberSec team had to look closely at to spot the flaws.

With such easy techniques, you'd think they'd take that extra little bit of time on the front end, since it should pay out significantly higher results. I'm glad they don't, though.

[thewayne]

When your own IT group has to really scrutinize a product that they know is fake in order to determine that it is, indeed, fake, you know you've crafted a good product!

When I was doing IT for a police dept back in the '90s, one of the detectives in our group went to a security conference.  One of the things that he learned was how to access unsecured email server forwarding ports and he sent me an email from santa(at)northpole.org using tty, IIRC.  I thought that was pretty cool, and also sad.  Can't remember who he accessed, I think it was a uni.

[draconis]

Thank you -- although it helps when you know what things the IT team looks for, so you can make sure you avoid those. But it's not like it's a super-secret list, or anything.

Yeah, spoofing the return address isn't all that hard if you don't care whether or not you receive any replies from them. And yes, of course that was one of the things I did as part of my exercise. :-)

[thewayne]

Insider information is always invaluable: that's what makes the insider threat so powerful!  It's also why it's important that when disgruntled employees give their notice, immediately revoke their credentials, pay them for two weeks, and walk them out the door.