Scam Combines Patriot Act FUD With IE Bug

LostCluster writes "CNET, Reuters, and the AP are all reporting this morning about a circulating e-mail scam that claims that people will lose their FDIC bank account insurance because they are suspected of violating the Patriot Act unless they confirm their bank account information with a website. The scammers then use the already documented bug in IE that allows a site in Pakistan to get 'www.fdic.gov' to appear in the URL bar. Where's an MS patch when we really need one?"

Patriot Act

[MORTAR_COMBAT!]

Any law which is so powerful and ambiguous as to put fear into people by its mere mention must be a bad law. A reasonable person, if accused of violating the Patriot Act, might actually doubt his own innocence because of the sheer labyrinthian might of the Act.

Patch?

[Guppy06]

"The scammers then use the already documented bug in IE that allows a site in Pakistan to get 'www.fdic.gov' to appear in the URL bar. Where's an MS patch when we really need one?"

Right here.

3-m@1L $c@mmz0r$

[mac+os+ken]

I will probably never understand fully why anyone would fall for an e-mail scam that is clearly not legitimate. When I get a spam telling me:

"W3 n33d jO0r b@nk @cc0un7 # bc@u$3 FDIC $@ys $0."

I hit delete. Unfortunately some people fall for this. Does anyone have any numbers on just how succesful these e-mails are? Is the American public that ignorant?

Re:3-m@1L $c@mmz0r$

[hchaos]

Unfortunately some people fall for this. Does anyone have any numbers on just how succesful these e-mails are? Is the American public that ignorant?

No, the American public is not that ignorant. Very few scams are clever enough to hook the American public. Fortunately for the scammers, the American public isn't the target. Just like the Nigerian scam, it only takes about 0.001% of the population to fall for it in order to make a lot of cash.

FDIC issues scam alert press release

[LostCluster]

The real www.fdic.gov is running a rather standard press release to warn that it's a scam.

Consumers never have any reason at all to send information to the FDIC. They already can get all they need to know out of banks.

Email is no longer usable as a legitimate means...

[Teddy+Beartuzzi]

...of contacting your customers. Every day I get so many fake emails trying to get my paypal, ebay, banking info etc, that I no longer even look at it. All correspondence that appears to be from them simply gets binned. Even the legitimate ones, because they're indistinguishable from the fakes.

Until we all start signing our emails with PGP.

Definition of Critical

[Gyorg_Lavode]

Remember, it's only defined as critical if it's exploited in the wild.

Re:Stupidity!

[BrookHarty]

People that actually fall for this bullshit don't deserve to have a bank account in the first place. Do you honestly think the feds are gonna contact you via email to tell you that you're violating the patriot act? Go get an education.

Lots of elderly women who outlive thiner husbands, have to deal with the finances for the first time. These people make a great targets, they are computer illiterate. They where given a computer to communicate with their family, and dont know about all the email scams. And with the new homeland security daily threat levels, it confuses them.

Do a little research before you blame the victim.

Re:I am a victim.

[petabyte]

Do you plan on, at some point in the future, being old and collecting welfare through Medicare/Social Security? No? Oh.

I have no illusions that Social Security will be there by the time I'm ready to retire (July 2047). I'm planing on being old but I'm certainly not naive enough to believe that there will be a dime left in Social Security at that point.