« Vat MeatOn The Hubris Of Tooth Doctors »



  02:25:18 am, by Nimble   , 553 words  
Categories: Thoughts, Ethics, Internet


I get a number of phishing e-mails dropped in my e-mail box. What's that? This is nastier than spam. These are criminals in every sense of the word, imitating an emergency or account update from an institution that you might belong to, such as eBay, Paypal or CapitalOne Bank, asking you to log in to "confirm your account details". Spammers live in a gray area, just annoying you for the most part. Phishers can destroy your life, if you let them.

Some of them are looking to use your name and password for criminal acts, like selling things through your account and never delivering, sullying your good name at no cost to themselves. Many more are looking for banking details, like your account number, credit card number, bank card and PIN combination, and so forth.

If you've never seen a phishing scam, take a look at a screen capture of the one I just got today. The e-mail may look official when you see it in your mailbox, but it is just a giant image, and if you clicked on it in the e-mail, you would be taken, not to eBay, but to

Now, the site these criminals put up is still up, as of this writing. Do me a favour and help "poison the well" of data these jerks are receiving. If they get a lot of data that looks good, but is bogus, then there's a chance that we'll be able to save some people (not all) from being scammed.

Give them account names with fake, but reasonable-sounding passwords. Personally, I looked for people on eBay selling anything with "banana" in the name. If you choose real account names with bogus passwords, perhaps the scammers may waste some time trying to take over accounts that they can't.

Give them fake credit card numbers. Now here's the tricky bit: they do have a bit of code that verifies whether the credit card number has a matching checksum inside it, so you have to go to a bit more effort to create a totally fake one. The credit card number has to pass the Luhn formula.

Here is an absolutely perfect page for generating garbage credit card numbers. If you hit Reload, you'll get a different set. Cut and paste them into the spot for credit card number, and fake the rest until it accepts your posting.

You'll notice that it helpfully dumps you onto real eBay page. If you had posted your actual credit card details, your credit card would soon be used by thieves. Credit card thievery, if you notice it soon enough, will simply cause you major inconvenience and a reprimand from the credit card company... they lose out big time on fraud like this... but if they got your bank details, or your credit card happens to also be your bank card, you aren't as well protected.

Mess up any phishing scammer you can. Until there's a reliable way of reporting them (I use reportphishing@antiphishing.org, but there's not a whole lot they can do), the least we can do is mess them up.

NOTE: If you have any software that fills in your credit card information for you, please A. don't click on the phishers' link, and B. for goodness' sake, don't DO that!

No feedback yet