20040309

I was about to complain about banks that send emails that look identical to phishing scams that they warn you against, when, after closer inspection, I discovered that the email in question was actually a phishing scam. This would be the benefit of reading email without HTML: all that came up in pine was a legitimate URL, barclays.co.uk. If I had clicked on this URL then, er, nothing would have happened. And if I had cut-n-pasted it to my browser, I would have gone to barclays.
I had to pipe the message to stdout to see that actually the message was trying to take me to a faked URL,

barclays.co.uk%01%01%01... etc.... @www.best-news.ru

If you go to this website, then it redirects to a page: http://online.lloydstsb.co.uk%01@207.150.192.12/temp/microcro/l/applypassword.php.

Which is where the whole scam rather breaks down pathetically, since firstly most browsers now refuse to go to URLs with user names in them (which seems a bit of a cop-out, but there you go), and secondly, up pops a faked page from Lloyds-TSB to steal my password, which is a bit stupid, given that the initial email claimed to be from barclays. Come on, you crazy russians, you must try harder...

No comments: