phishing for fun and ZERO profit
Bill Vermillion
fp at wjv.com
Wed Aug 25 07:42:15 PDT 2004
On Wed, Aug 25 10:07 , Men gasped, women fainted, and small children
were reduced to tears as Transpower at aol.com confessed to all:"
> A simple way to check out whether you're being phished or
> not is to enter a false password. If the false password is
> accepted, you've been phished!
Of course at that point you have just validated your address too.
No responsible company ever sends out mail like this, and
everyone should make it a rule to just delete the messages, that
ask for confidential information.
I used to forward them along, but it has been reported in the
trades recently that the the spam-scanning SW at Citi [as the
article said] was treating the forwarded messages with the
spam in them, as spam and deleting them. That meant than the
complaints were never received/read That's amost sounds like a
government operation :-)
I first saw password/account stealing a long time ago. This was in
the day of dial-ups, and the far person would do something so you
got a login prompt and the you'd enter you name, and then give you
a password prompt. You had assumed you had been dropped as old
dialups used to do so often. Now they had your name and password.
That was probably 1982 or 1983 - and was on one of the services.
I think I was off The Source at that time, so it was probably
Micro-Net/Compuserve or Bix.
Trust no one.
Bill
--
Bill Vermillion - bv @ wjv . com
More information about the Filepro-list
mailing list