Cyde Weys Musings

Part of a successful phishing scheme is making the email look legitimate. I just got a phishing email from people who are trying to steal the details to my (non-existant) Bank of America account. The thing is, the letter is terrible. It’s clearly written by someone with a sub-rudimentary level of understanding of English grammar and syntax. This wouldn’t convince a pensioner, let alone a techie like me. So why are they even bothering? Here’s the letter:

Dear Customer, cydeweys.

You are receiving this message, due to you protection, Our Online Technical
Security Service Foreign IP Spy recently detected that your online account was
recently logged on from am 62.2.174.213 without am International Access Code
(I.A.C) and from an unregistered computer, which was not verified by the Our
Online Service Department.

If you last logged in you online account on Thursday April 5th 2007, by the time
6:45 pm from an Foreign Ip their is no need for you to panic, but if you did log
in your account on the above Date and Time, kindly take 2-3 minute of your
online banking experince to verify and register your computer now to avoid
identity theft, your protection is our future medal.

Verification Link [redacted, but it didn't go to Bank of America]

Notice: You can acess your account from a foreign IP or country by getting am
(I.A.C) International Access Code, by contacting our local brances close to you.

If my bank actually sent me an email like that, I’d switch banks.

This entry was posted on Tuesday, May 1st, 2007 at 16:50 and is filed under Net. Keywords: Tags: email scam, phishing, scam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.