Wednesday, October 06, 2010
Alert: Your address has been changed. - PayPal
Today I received a phishing attempt I thought was a bit different and may catch people out, so I decided to warn others. The email had the subject Your address has been changed. and is designed to make people feel their PayPal account address has been changed.
I've found over the years most threats on the internet require people to take action when they shouldn't. The psychological tricks these dubious people use are quite interesting. Imagine you're not quite thinking and you get an email which tricks you into believing your bank account address details have been changed and you think you are being notified by the bank. A small lapse in concentration and the phishing attempt has worked.
In this case the attack is targeted at Australians with an Australian address provided. As attacks become more sophisticated and more directed, the greater the chance of someone being tricked. As you can see by the text tip provided by Outlook when you move the mouse over the link, the site you'd go to is obviously not PayPal.
We can all be tricked. The recent iTunes gift voucher phishing attack saw the number of Mac users reaching my site go from 6-8% of the traffic to 25-30% of the traffic. It was truly amazing to not only saw the enormous number of people who were tricked, but also the significant increase in the proportion of Mac users hitting this blog.
To show how easy is it to be tricked I'll share this story.
I heard a person was waiting for a parking spot at a shopping centre and another driver rudely pulled in quickly, in front of them. As expected the person was irate. A short while later they saw the driver of the car in the shopping centre so they tapped them on the shoulder and said "excuse me. Do you own (the type of car) such and such a car". The answer was "yes, why". The person then said "someone has smashed into your car", to which the person rushed off in panic to check their car. The person was satisfied they'd inconvenienced the other driver as they'd been inconvenienced. All that is needed is a little information we can related to and we can all be tricked very easily.
Do take care on the internet. Whilst I do make money fixing people's computers and removing virus infections, it really is work I'd prefer wasn't required.
Kelvin Eldridge
PS. OzEfilter is the product I wrote and use which helps me avoid being tricked by phishing and malware attacks. For free anti-virus software read earlier blog posts where I ran parallel tests against various packages over a week.
I've found over the years most threats on the internet require people to take action when they shouldn't. The psychological tricks these dubious people use are quite interesting. Imagine you're not quite thinking and you get an email which tricks you into believing your bank account address details have been changed and you think you are being notified by the bank. A small lapse in concentration and the phishing attempt has worked.
In this case the attack is targeted at Australians with an Australian address provided. As attacks become more sophisticated and more directed, the greater the chance of someone being tricked. As you can see by the text tip provided by Outlook when you move the mouse over the link, the site you'd go to is obviously not PayPal.
We can all be tricked. The recent iTunes gift voucher phishing attack saw the number of Mac users reaching my site go from 6-8% of the traffic to 25-30% of the traffic. It was truly amazing to not only saw the enormous number of people who were tricked, but also the significant increase in the proportion of Mac users hitting this blog.
To show how easy is it to be tricked I'll share this story.
I heard a person was waiting for a parking spot at a shopping centre and another driver rudely pulled in quickly, in front of them. As expected the person was irate. A short while later they saw the driver of the car in the shopping centre so they tapped them on the shoulder and said "excuse me. Do you own (the type of car) such and such a car". The answer was "yes, why". The person then said "someone has smashed into your car", to which the person rushed off in panic to check their car. The person was satisfied they'd inconvenienced the other driver as they'd been inconvenienced. All that is needed is a little information we can related to and we can all be tricked very easily.
Do take care on the internet. Whilst I do make money fixing people's computers and removing virus infections, it really is work I'd prefer wasn't required.
Kelvin Eldridge
PS. OzEfilter is the product I wrote and use which helps me avoid being tricked by phishing and malware attacks. For free anti-virus software read earlier blog posts where I ran parallel tests against various packages over a week.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment