Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Spam

Phish Scams Fooling 28% of Users 618

Etaipo writes "Anti-spam firm MailFrontier Inc has done some testing with consumers to see if they could differentiate between legitimate e-mails and phish scams. The results, to me, were pretty shocking. The company also has provided a similar test on its web site. Get an answer wrong, and we revoke your geek license on the spot."
This discussion has been archived. No new comments can be posted.

Phish Scams Fooling 28% of Users

Comments Filter:
  • by garcia ( 6573 ) * on Wednesday July 28, 2004 @03:02PM (#9824518)
    Personally I never cared for Phish. They attracted a lot of the same fanbase as the Dead but I just couldn't bring myself to like them. I tried, I really, really did. It's sorta sad that now that they are breaking up for good that they are scamming 28% of the population. I would have never guessed that a cool jam-band would have to resort to this sort of scheming in order to get money!

    I guess after all those tours and all those basically unsuccessful albums they are in need of people's credit cards in order to support their own solo touring and promotion.

    All kidding aside, I am genuinely disgusting that the authors of these articles did not call this sort of scam by a legitimate title such as "fishing" or "credit card scamming" or "you are a fucking moron for falling for the give me your Credit Card Number in an email" like it has been in the past. I wasn't aware that "scr1p+ K1dd13 sp34k" had crossed into "real journalism". I can see it now... Parents banning their children from listening to Phish because FoxNews told them that they could have their credit cards stolen.

    -1 Troll for the authors of these articles.
    • by real_smiff ( 611054 ) on Wednesday July 28, 2004 @03:18PM (#9824741)
      "I am genuinely disgusting.."

      disgusted. you are disgusted. i make this mistake all the time :/

      agree about the leet speak.

      i came very very close the other day to falling for a fake eBay "your account has been hacked, verify your account details" type scam. it was brilliant, no typos, perfect grammar, good layout, and most of all: i was tired when i got it. felt like a right plonker for even believing it for a second. now i have a lot more sympathy for people who fall for these things. thank god i did check the url.

      • This is why... (Score:5, Insightful)

        by devphil ( 51341 ) on Wednesday July 28, 2004 @03:46PM (#9825141) Homepage


        ...I won't use an email client that renders HTML. Or at least, won't let me turn that off.

        When I get these mails, 95% of the time I delete them unread; no legitimate business should ever need me to "confirm my information". Every so often I look at one, and since I only see the raw HTML, it's easy to see that the images and whatnot are all being pulled from the real company site, except for the "login" link which goes to some mysterious dotted quad address.

        (Side note to companies: stop letting outsiders pull images off your server; only let your own pages refer to them. It's an Apache FAQ, fer cryin' out loud.)

        Every so often a friend will send me HTML mail, but I can cope. :-)

        • Re:This is why... (Score:4, Insightful)

          by OneSeven ( 680232 ) on Wednesday July 28, 2004 @06:37PM (#9826648)
          but... the work around is so easy, that it's barely worth even trying to protect the images. It's called 'Print Screen'.
        • Re:This is why... (Score:5, Insightful)

          by Tony-A ( 29931 ) on Wednesday July 28, 2004 @08:47PM (#9827474)
          "confirm my information".

          There is a meaning to this word confirm.
          If they list the information they wish to confirm, it might be legitimate.
          If they list no information that is to be confirmed, it's a scam.
          There is a problem if several pieces of information with one of them wrong.

          "your account has been hacked, verify your account details"
          Which account has been hacked?

          You know the account has been hacked.
          You know the account is mine.
          You will not tell me which account, how you know it is hacked, and how you know it is mine.
          It's not the misspellings, bad grammar, etc. There's something missing that any legitimate message of that sort would have. Essentially it's insider information pertinent to why this comes from you to me.
      • by hkon ( 46756 ) on Wednesday July 28, 2004 @04:59PM (#9825889) Homepage

        I am genuinely disgusting.."

        disgusted. you are disgusted.


        What do you know, maybe he is the goatse guy, in which case I think we can all agree his statement is perfectly correct.

    • by PitaBred ( 632671 ) <slashdot.pitabred@dyndns@org> on Wednesday July 28, 2004 @03:27PM (#9824874) Homepage
      The problem is that "phishing" is describing this action specifically, rather than going out to the lake with a pole and a bunch of worms. It's been accepted into the lexicon, same as "phreaking".
      Phishing also has the connotation of hoodwinking users, getting passwords, whatever, not just credit card info.
    • by Pharmboy ( 216950 ) on Wednesday July 28, 2004 @04:34PM (#9825666) Journal
      Personally, I think replacing F with PH is pretty lame, in all things...
  • by grub ( 11606 ) <slashdot@grub.net> on Wednesday July 28, 2004 @03:03PM (#9824522) Homepage Journal

    I answered 2 incorrectly as Fraud to get an 80% score so I lose 2 geek points but gain them back for erring on the side of caution. Actually I never bother with HTML mail and just skip it. That hasn't bit my butt yet.

    IT's colour schemes are giving me a seizure...
    • by Scorchio ( 177053 ) on Wednesday July 28, 2004 @03:29PM (#9824892)
      Oh, it's a colour scheme, is it? I thought my monitor was running low on ink.
    • by zurab ( 188064 ) on Wednesday July 28, 2004 @03:57PM (#9825293)
      I only got the first one wrong - MS Hotmail e-mail was actually legitimate and I marked it as fraud. But I don't have Hotmail, and I don't plan on ever having it - so for me it would be illegitimate.

      Besides, you are right about HTML mail. If I subscribe to e-mail notifications from websites, I always choose plain text e-mails. If I do get HTML mail, I look at its headers first (without opening content and certainly not loading any images) - most of it is spam/fraud/whatever. So, maybe there should have been a way to display headers in the test.
    • I answered one incorrectly as fraud (the MSN one), and the rest perfect. But I was surprised I actually scored so highly as the test removed all the methods I use to spot fakes:

      1) I couldn't see where the links were pointing as they had been removed.
      2) I couldn't see the email headers.
      3) I had no idea if any personal information (at the most basic level, name) was correct or not. Though I would err slightly on the side of counting any email that has personal details in it as legit, it is obviously fraud if it carries somebody else's name.
      4) Am I supposed to be actually subsribed to any of these services or not? If I get something from citibank like that in my inbox, I'm going to mark it as fraud as I have absolutely nothing to do with them. (This is my excuse for the hotmail/MSN one!)

      It's very possible most people don't check the first two at all, in which case I have slightly more sympathy with them seeing how confusing it can be now.

      Maybe an added layer of security could be to go to the site in question and log in from there manually to check everything?

      • by @madeus ( 24818 ) <slashdot_24818@mac.com> on Wednesday July 28, 2004 @04:49PM (#9825797)
        The test was completly meaningless as you couldn't do all the correct things you SHOULD to to check the authenticity of an email.

        It encorages people to base decisions based on *hunches*, which is utterly retarded. You could take a genunine email and alter the URL and you'd never know you'd been duped if you went by the examples in this test - you'd just think it looked real, click on the URL, login and end up being scammed.

        This 'test' is utterly worthless as a result. You *can't* tell just by looking at the surface content of an HTML rendered email. If you can't look at the email headers or the URLs you have no way of knowing all of them arn't spoofed.
        • by meta-monkey ( 321000 ) on Wednesday July 28, 2004 @05:32PM (#9826185) Journal
          On the other hand, consider that in this test, subjects were actively thinking about whether or not these emails were fraud. They had advance warning that they might be exposed to fraud. That doesn't happen in the real world...the general assumption when you get an email from a service to which you subscribe is, "Oh, this service I use is trying to contact me about something important."

          It's kind of like April Fool's Day. Play a prank on somebody on April Fool's Day, when they're expecting it, and they might not fall for it, because they're on the lookout. On any other day, the same prank might succeed easily, because the victim is caught off gaurd.
        • If that's so, then why did we all score so high (I got a 90% -- I thought the "paypal shipping" one [#9] was a fraud)?

          The reason is that there's one way you can tell: ALL the frauds had text saying "click this link" The two legitimate ones other than #9 told you to sign in, but didn't provide a link. (although they did provide other hyperlinks -- just not to the login page)

          #9 fooled me because it had a link to click.
  • I got a 3 (Score:5, Funny)

    by Sowbug ( 16204 ) * on Wednesday July 28, 2004 @03:03PM (#9824523) Homepage
    Why did I have to provide a credit card number before the test showed me my score?
    • by beee ( 98582 )
      Wow, I don't find this post funny at all. How is a fellow slashdotter getting scammed funny? Sowbug, I recommend you cancel your CC immediately by calling your provider's phone hotline. Someone may have already begun using it for nefarious purposes.
    • Re:I got a 3 (Score:5, Interesting)

      by The0retical ( 307064 ) on Wednesday July 28, 2004 @03:14PM (#9824697)
      I got them all right, what most people forget is that reputable companies will never send you a link to update your account info. They will give instructions but never the latter. That is the dead give away that it is fake.
      • Re:I got a 3 (Score:3, Informative)

        by aflat362 ( 601039 )
        Paypal sends me emails with links to update my credit card information after it has expired. yes, I know they are legit

        though, I never follow the links, I do browse to the site just in case.

        I was a little angry at paypal for doing this because the fact that legitimate companies DO send emails with links, the average joe or jane lets down their defences to actual phish emails.

        This sucks for me because my girlfriend and family are non-geek persons and I have to explain to them to never NEVER follow links fr

      • Re:I got a 3 (Score:5, Insightful)

        by jandrese ( 485 ) * <kensama@vt.edu> on Wednesday July 28, 2004 @04:19PM (#9825519) Homepage Journal
        The biggest tipoff is when it starts off with "Dear Paypal user" or something like that. Most companies go to the trouble of putting your actual name in there, so if whoever is sending you the email doesn't even know your name...well, you figure it out. This tactic even worked in the example quiz! It's a great first pass (the second pass is of course to mouseover any URLs (or check the source) and see exactly where they're sending you.

        The only example that really made me think was the MSN account expiring message. At first I thought that had to be a fake because what's the point of sending you an email telling you that you need to log into your email to save your account? Then I realized it was actually an ad for a related pay MSN service and immediatly knew that it was real.
        • Re:I got a 3 (Score:4, Insightful)

          by Chibi ( 232518 ) on Wednesday July 28, 2004 @05:21PM (#9826075) Journal
          The biggest tipoff is when it starts off with "Dear Paypal user" or something like that. Most companies go to the trouble of putting your actual name in there, so if whoever is sending you the email doesn't even know your name...well, you figure it out. This tactic even worked in the example quiz! It's a great first pass (the second pass is of course to mouseover any URLs (or check the source) and see exactly where they're sending you.


          I've recently been getting some spam that has my name and some address info in the subject line. It's obviously spam, and someone trying to rip me off. I've also been getting a lot more 419 spam, and that usually has my name (although they always refer to me by my last name *sigh*). But I just wanted to point out that we all probably have a lot of info about us out there ready to be used against us. As you say, it's a good "first pass" test, but nothing more than that.

  • by eaglebtc ( 303754 ) * on Wednesday July 28, 2004 @03:03PM (#9824526)
    I passed with flying colors! This is an excellent quiz to send to your friends who are less internet-savvy. I found a common thread throughout all of them: "if you don't verify your account information, it will be suspended."
  • This test is bogus (Score:3, Insightful)

    by stecoop ( 759508 ) on Wednesday July 28, 2004 @03:03PM (#9824535) Journal
    This test is like a Kobayashi Maru test on star trek. You have to alter the conditions to win. You can't see the details in the hyper links nore the refer information in the header.
    • by PhxBlue ( 562201 ) on Wednesday July 28, 2004 @03:19PM (#9824766) Homepage Journal

      No, you just have to recognize the proper set of conditions. If an E-mail already contains correct and verifiable information about your account, or if it does not ask for any account information in the first place, it's probably legit. Otherwise, it's probably a fraud. My non-geek wife and I both took the test and scored 10 / 10.

      • by Kazoo the Clown ( 644526 ) on Wednesday July 28, 2004 @03:29PM (#9824891)

        No, you just have to recognize the proper set of conditions. If an E-mail already contains correct and verifiable information about your account, or if it does not ask for any account information in the first place, it's probably legit. Otherwise, it's probably a fraud. My non-geek wife and I both took the test and scored 10 / 10.

        Congratulations. However, by ALLOWING YOUR FINANCIAL INSTITUTION to send you correct and verifiable information over email, and since email is sent unencrypted they have in effect, published your information to the web at large. I would consider this a CONTRIBUTION TO FRAUD, and therefore equivalent to fraud, in my book. If I were to get that kind of information from a bona-fide financial institution I'm associated with, I will immediately contact them and treat it like an actual fraud-- change my account, etc.

        This site is bogus because it is giving you a false sense of security...

  • by gbulmash ( 688770 ) * <`semi_famous' `at' `yahoo.com'> on Wednesday July 28, 2004 @03:03PM (#9824536) Homepage Journal
    I scored 90%, incorrectly IDing one legit e-mail as a fraud, meaning I missed one because of being overly cautious.

    Some of these fraud mails looked really legit and were mainly given away by the fact that their URLs went to something like fraudprevent-visa.com instead of fraudprevent.visa.com. fraudprevent-visa.com is a domain name that may or may not be affiliated with Visa, while fraudprevent.visa.com is a subdomain of Visa.com, meaning it's not 100% safe, but much more likely to be legit.

    But asking people to know this difference is asking a bit much of them. What might be interesting would be a "Phisher Identifier" built into mail clients that could identify bogus or unauthorized URLs based on a very carefully maintained database of legitimate URLs.

    Seems that a plug-in could be written for Outlook, Eudora, etc.

    - Greg

    • You might be interested in Spoofstick [corestreet.com] it shows you the "real" domain url for whatever webpage your connected to.
  • Do I loose points if the page won't load due to a slashdotting?
    • Re:./ing (Score:3, Funny)

      by bheerssen ( 534014 )
      Oh yes, please do. Just be careful. Pent-up points can be very dangerous when loosed upon an unsuspecting populous.

  • by mabu ( 178417 ) * on Wednesday July 28, 2004 @03:04PM (#9824556)
    Let me be among the first to call "Bullshit" on this supposed test.

    Any nerd worth his salt knows to first check the headers of the e-mail and Lookup the IP [dnsstuff.com] to see where the mail really came from, and/or view the source of the HTML and identify obfusicated URL redirects. Then again, any IT guy who is using HTML-enabled e-mail should have his geek license revoked in the first place.
    • by Anonymous Coward on Wednesday July 28, 2004 @03:08PM (#9824606)

      any "nerd" would run his own DNS server and wouldn't need web-based turd like. Poser.
      • any "nerd" would run his own DNS server and wouldn't need web-based turd like. Poser.

        FYI, I run my own DNS of course. But I use IPWHOIS from Dnsstuff. It's a nice, fast service and it's faster than doing it from the shell, and it has nice links so I can e-mail admins or drill-down to see who's in charge of IP blocks.

    • Let's all use Pine!

      Maybe you don't live in the real world, but in my company we deal with clients that send HTML emails when plaintext would do, we send HTML (or even Flash) newsletters for clients, and we have a 1-5 geek ratio. So checking headers, looking up the IP originator, or viewing the source isn't an option for the four of us that aren't geeks.

      Since I'm one of the geeks, I do my best to educate and inform my colleagues. But I can't do that for everyone - my wife's grandparents will probably fall
    • You're right, but most people don't know how to check the headers, much less look up the IP. But the two easiest checks against these type of messages weren't available in the test:
      1) Does it make sense that I would get this? If I don't use US Bank, for instance, it's obvious it's fraud. But for the sake of the test, I think they assume you're involved with those companies, and that's okay.

      2) More importantly, they don't let you check where the links are going to. If I rollover "www.paypal.com" and in
  • by bennomatic ( 691188 ) on Wednesday July 28, 2004 @03:05PM (#9824566) Homepage
    I had a client recently who called me complaining that she was getting hundreds of e-mails bounced to her that she didn't send out. I asked her if she had recently opened any email attachments, and sure enough, she said, "Only the one that Microsoft sent me that was a required security upgrade. Come to think of it, that's about when this problem started"

    When it's that easy, you can't even call it social engineering. It's just social nudging, and people are ready to fall for it.

  • by romper ( 47937 ) on Wednesday July 28, 2004 @03:05PM (#9824569)
    Nevermind this. I'm still waiting for my money from Bill Gates and Disney for forwarding that email to everyone I know a couple years back.
  • How many legitimate "offers" have you actually gotten via email? I'd like to see the person who signs up for porn and conducts business using the same email address.
  • then the web server fell over from the massive /.'ing
  • Why, I'm actually subscribed [phish.net] to them.

    -phozz

  • by tsarin ( 217882 )
    I just got a phish email "from" Citibank (with whom I haven't had an account in several years; that was my first hint...), and forwarded it on to emailfraud@citigroup.com and uce@ftc.gov.

    Flip back to and refresh /. to see that almost a third of email users don't have the third of a clue it would take to recognize this crap for what it is. "We has noticed a high level of suspishous attemtpts to access your account and brute force your PIN..."? Um. Okay.

  • Aside from the fact that I never click on links in email, what I do do is look at the received headers and the actual links to see where there really go to decide if it's phishbait or not. They've deleted both from the test messages...
  • by goldspider ( 445116 ) on Wednesday July 28, 2004 @03:07PM (#9824599) Homepage
    There are a lot of uninformed and gullable Internet users out there.

    Pictures at eleven.

  • by MacGoldstein ( 619138 ) <jasonmp85NO@SPAMmac.com> on Wednesday July 28, 2004 @03:08PM (#9824605) Homepage
    But haven't fallen.

    My parents got an e-mail stating that we were charged $3000 for a new Dell laptop. Nevermind that we all use Macs.

    So I check out the site... Looks professional, seems legit, but it asks for a bank account and social number on a non-secure connection... Phishy?

    I checked out the root domain of the given address and ran a search to see to whom the site was registered. Definitely not a real company, an individual, and the root domain didn't exist as an accessible webpage. Not the kind of thing that is very professional. I bounced the e-mail back and dismissed it. Our credit bill the next month didn't have a Dell laptop on it. What do you know?

    All it takes is some common sense to get out of these things, but perhaps real companies should start adopting S/MIME or PGP to ensure their identities to make it more apparent to a layperson.

    Of course, a false company could just as easily hide behind these "foolproof" authentication mechanisms.
  • Unfair test (Score:5, Informative)

    by asdfasdfasdfasdf ( 211581 ) on Wednesday July 28, 2004 @03:08PM (#9824607)
    Honestly, I got through 3 examples before giving up. The real test for me is, "Is the link back to the official site? Or does it look like a link and take you to some mysterious 3rd party server?"

    In this test *ALL* links pop up to a "for the purposes of this test, this link has been suspended" This makes the whole thing useless.

    Anybody can copy a legit paypal or eBay email and change a few words and make it "look" real. The key is in the links and the data mining.

    • Re:Unfair test (Score:3, Insightful)

      No, the key is, a legit email should not ask you to click a link, but rather to "go to our website" (but not provide the link).
      Let the user login as usual, and he/she will be safer.

      That logic gave me a 10/10 result on the test.
    • Re:Unfair test (Score:5, Informative)

      by MaelstromX ( 739241 ) on Wednesday July 28, 2004 @03:56PM (#9825278)
      I suspect you use Firefox, which, for me, didn't show the URL's of the links when I put the cursor over them for some reason. I opened up IE and it worked fine.

      Is this test not Firefox friendly? If not, why didn't the story say so? (don't a lot of people on /. use Firefox?)
  • one of the things I look for is the actual location of hyperlinks. the online test disables the viewing of the location of the hyperlink in the status bar.
    • 10/10 anyway (Score:3, Informative)

      spoilers within:

      1. Microsoft Email Link
      Legitimate ... CORRECT

      2. PayPal Email Link
      Fraud ... CORRECT

      3. eBay Email Link
      Fraud ... CORRECT

      4. US Bank Email Link
      Fraud ... CORRECT

      5. PayPal Email Link
      Legitimate ... CORRECT

      6. Earthlink Email Link
      Fraud ... CORRECT

      7. Citibank Email Link
      Fraud ... CORRECT

      8. eBay Email Link
      Fraud ... CORRECT

      9. Paypal Email Link
      Legitimate ... CORRECT

      10. Visa Email Link
      Fraud ... CORRECT

      You got 10 out of 10 correct, or 100 %

      Just viewed the source of the pages, easy enough to t

  • Rule Number One - never post your press releases to Slashdot if you aren't sure your servers will handle it...
  • Can't I live while I'm young?
  • by Politicus ( 704035 ) <salubrious@ymail ... minus herbivore> on Wednesday July 28, 2004 @03:11PM (#9824651) Homepage
    Is it really so surprising that as spam matures it gets better at impersonating real email? It would be useful to repeat such a test periodically to see it trend over time. Likewise, it would be interesting to see the nature of valid business email content change over time to adjust. Perhaps we can have an internet age Darwin elaborate on the mechanics.
  • hard? (Score:5, Informative)

    by Bobman1235 ( 191138 ) on Wednesday July 28, 2004 @03:12PM (#9824665) Homepage
    Honestly, it's pretty simple. Just never click on any link in any email. If it's from a company you deal with, type in the URL you know and love to find the information. The only one of the emails in that entire "quiz" I would have trusted was the one without any links, that simply said "go to ebay.com, click on your account." Anything else could be fake.

    At the very least, copy and paste the URL rather than click it, and study it for 3 seconds before going to the site to make sure it looks like the site you think you're going to.
  • Come from legitimate sources whom I have existing relationship with.
  • This sensationalist phishing PR campaign, if anything, once again proves that content-based filtering is a waste of time and resources. If you rely on spell-checking corporate e-mail as a means to identify its legitimacy, you're off track. If you rely on subtle hints in the message to tip you off that something's funny, you're wasting time.

    A simple check of the source IP of the mail relay is the most reliable method of identifying phishing scams. Many of us who primarily use RBLs to block spammers don't
  • by deragon ( 112986 ) on Wednesday July 28, 2004 @03:17PM (#9824732) Homepage Journal
    I was once fooled believing that I received a fraudulant email making me believe it came from Sony. I wrote to Sony to report the email and they told me it was legite!

    What caused me to think it was fraudulant? Well, the URLs in the email was going for something like sony.<somecompany>.com. The URL did not finish with "sony.com". The only way to figure out if an email is phoney or not is to check the URLs (assuming your browser does not have the famous URL bug which shows you a legite URL but once clicked, sends you to another site while still showing the legite URL in the URL bar), but when companies use 3rd parties to email their users and provide services, they cause these confusions.
  • Talk to Verizon (Score:5, Interesting)

    by RealityMogul ( 663835 ) on Wednesday July 28, 2004 @03:17PM (#9824737)
    I got Verizon DSL service back in February. A month later, I got an e-mail that basically stated there was a problem applying the DSL charges to my phone bill. In the e-mail, which was sent to "Verizon Customer", they suggested I reply to the e-mail with my account name and credit card information.

    I thought it was a scam, but left it in my inbox. Two weeks later my service was shutoff. Apparently the message was legit.

    After I got the problem straightened out, I sent them a very nasty, yet informative, e-mail and they agreed that they will review their e-mail policies and apologized for sending such a message to begin with.
    • Re:Talk to Verizon (Score:4, Interesting)

      by RobertB-DC ( 622190 ) * on Wednesday July 28, 2004 @03:45PM (#9825120) Homepage Journal
      After I got the problem straightened out, I sent them a very nasty, yet informative, e-mail and they agreed that they will review their e-mail policies and apologized for sending such a message to begin with.

      They're not the only company to have this problem. I signed up for email from Palm, but never clicked on the links because they were always in the form of "palm.somemarketingcompany.com/offer/etc".

      I finally went to the Palm site's Contact Us link and sent a note. To my surprise, they replied quickly and said the same thing -- they're re-evaluating their email procedures.

      Happy ending: about a month later, the URLs all pointed to a clearly Palm-owned domain, and I'm considering replacing my over-the-hill Palm III with a refurbished low-end Zire (underpowered, but cheaper than eBay).
  • nice link! (Score:5, Funny)

    by jjeffries ( 17675 ) on Wednesday July 28, 2004 @03:19PM (#9824765)
    Linking to a cgi from the front page? Why don't we just find out where the server is and burn down the building instead?
  • by Anonymous Coward
    I got one that looked like a family gathering invitation. They must have hacked my mom's email account. They wanted me to respond with my "rsvp." That set off my bullshit detector. I better let mom know because they keep sending me email and now they're claiming I'm going to be disowned if I don't show to my own brother's wedding. I've stopped answering the phone as well because they have sound-alikes leaving me messages and look-alikes showing up at my door. You know as soon as they get your rsvp, they emp
  • by RobertB-DC ( 622190 ) * on Wednesday July 28, 2004 @03:19PM (#9824771) Homepage Journal
    Here's a quickie link to the test examples. The month's almost over, and I've got plenty of bandwidth to burn. (Famous last words...)

    http://www.littlecutie.net/temp/slashdot/ [littlecutie.net]
  • ...was one from MS saying you'd better log into Hotmail once a month or they would delete all your email. I figured that was even dickheaded for MS - I mean, an extended vacation and you lose all your email. I assumed that the $19.95 "upgrade" link, while it looked good, must have been obfuscated somehow and was redirected to a "lookalike" site.

    So I got 9/10 because MS is an even bigger bunch of assholes than I'd have thought. Wow.

  • Sweet! (Score:2, Funny)

    by Nu11.org ( 676686 )
    I got all the questions right, plus I'm getting millions of dollarz from this guy in Nigeria. Thanks for forwarding the link to us! Null
  • Here's one [amon-hen.com] I got a while back. It wasn't quite taken in buy it.

  • ...and the damned thing took forever to load the test questions. I literaly wasted 15 miutes trying to load the pages while I multitasked.

    The big kicker? When I hit "Score" it wiped my answers and started me over. I wanted to see the results and did not want to retake the thing because it took so long so I marked the first one as ok and the rest as false because I was in a hurry and pissed at this point.

    I got an 80% score as a result, and then I wondered if anyone else had the same problem and if it sk
  • Errr... I guess I'll take the test tomorrow, when pages on their webserver take less than 6 minutes to load...
  • check it out, interesting use of frames by the perps

    Anatomy of an embryonic identity-theft-by-email [kuro5hin.org]
  • by Ricdude ( 4163 ) on Wednesday July 28, 2004 @03:31PM (#9824916) Homepage
    ...that I would have clicked any of the links in the emails.

    If I get any message that smells remotely like phish (i.e. any email that tells me to do something with my account), I go to my browser, and visit the site by manually entering the name of the website. If it then turns out to be a bogus email, I send a copy to the admins of the site, so they can track the insensitive clods down, and do whatever it is they do with them.

    The IQ test would be a lot easier with access to full mail headers, too...
  • by Timesprout ( 579035 ) on Wednesday July 28, 2004 @03:34PM (#9824962)
    We here at phishfarm offer a compehensive monitoring and blocking service to save our customers from hassle such as this. Just email all your bank account details (required for verification) to make.timesprout@rich.com and we will ensure that email soliciting for information or money will ever reach you again.

    PS we have found that sending us naked pictures of your wives/girlfriends increases the accuracy and efficiency of our blocking engines so for the highest quality of service include a few piccies.

  • ...telling her she had won a trip for two to the ESPN Espy Awards show in Hollywood on July 14th. She sent me an IM about it, and I (rather condescendingly) informed her that she was almost certainly being spammed. Well, after going to espn.com and finding that the person listed in the email was really in their PR department, and contacting her through their 800 number, guess what?

    That was the coolest hotel [renaissancehollywood.com] I've ever stayed in. The show sucked, but the view from the room [24.211.224.125] almost made up for it.
    • I got an email "from Microsoft" in 2000 that I thought was spam or a con job. I almost bounced it to abuse because there's no way Microsoft wanted to give me a free Pocket PC... I'm obviously not a Microsoft fan.

      Free trip to Redmond, tour of the new Experience Music Project, *three* Pocket PCs and a bunch of other swag... and they actually listened to what a bunch of Palm fans with a general bias against Microsoft thought and significantly improved Pocket PC 2002 as a result.

      (am I using a Pocket PC now? N
  • by Illissius ( 694708 ) on Wednesday July 28, 2004 @04:06PM (#9825408)
    Took the test, using Opera. All the links, when I hovered over them, pointed to http://survey.mailfrontier.com/survey/phishingtest /message_1/message1.htm#, which I assumed was part of their thing to not let you see the links. Got 6/10. Was somewhat puzzled, as I'm otherwise not a complete braindead dumbass. Check back at it with IE... turns out if you hover over them in IE, it actually displays the URL it's supposed to go to, meaning I'd've (double contraction, eh) gotten 10/10 most likely.
    So is it taking advantage of an IE security bug, or what? (For the record, I just checked it with Firefox and it does the same thing, so this is not just Opera being a piece of crap.)

    (I'll probably get modded down, and deserve it too, but I'm too amused at the moment to care.)
  • Broken in Mozilla (Score:3, Interesting)

    by Jagasian ( 129329 ) on Wednesday July 28, 2004 @05:41PM (#9826262)
    I am using Mozilla 1.6 on Linux, and none of the links work, nor do they show anything in the status bar. I think the test is broken for Mozilla. Since when did Slashdot become a hangout for Windows users that pretend to be Linux zealots?
  • Some bad examples (Score:3, Insightful)

    by Spazmania ( 174582 ) on Wednesday July 28, 2004 @06:35PM (#9826632) Homepage
    Just want to point out that two of the "legitimate" emails on the web survey could easily have been fraudulent. These are the "Don't lose your MSN Hotmail account!" email and the "Your credit card ending in 2008 will expire soon." email.

    In fact, I've seen a version very similar to the credit card expiration link that warns about typing in the URL but then goes ahead and provides a clickable link anyway. When you look at the code, the link actually goes to a completely different URL than what is displayed, using the old trickery of "http://paypal.com@12356789/cgi-bin/trickedyou.cgi ".

    For those not familiar with the trick, "paypal.com" in the above url is the login name the web browser is instructed to provide to the web server while 12356789 is the decimal representation of the web server IP address.

    Only the shipping notice fails to smell fraudulent. Even that could be rigged if you wanted to, by having the tracking link require you to "open a free UPS tracking account."

    Of course, if they'd provided the entire emails instead of just the html representation, any techie could have sorted it out. But not the mere mortals.
  • by Fuzzums ( 250400 ) on Wednesday July 28, 2004 @07:44PM (#9827120) Homepage
    Why? The links are not working.

    All the fraud-mails I get refer to illegitimate websites or servers in China or Russia.

    An other way to check the validity of the mail is to check the mailheaders and see is they are correct.

    But still I scored 70%

    The funny thing is I would have scored 100% is this was for real. Why? I don't do PayPal, Visa, Earthlink and so on :)

    And GENERAL MOBUTU is not my african friend, so I'm not falling for his sweet talk either...
  • What a stupid test (Score:3, Insightful)

    by srn_test ( 27835 ) on Wednesday July 28, 2004 @08:00PM (#9827208) Homepage
    The _only_ way to tell the real thing from the fake is to look at the actual URL the link points to.

    The morons who run the test changed them all to point to their own site; so every one of them is clearly fake.

    Relying on any other content in the email is just stupid; the phishers will just improve their spelling and wording until it starts fooling enough people again.
  • good way to tell (Score:3, Informative)

    by shawn(at)fsu ( 447153 ) on Wednesday July 28, 2004 @09:36PM (#9827732) Homepage
    If the email says to login then update your information with out providing a link it's probably okay, if they provide you a link and it looks technicle then stay away.

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling

Working...