Phish Scams Fooling 28% of Users
Etaipo writes "Anti-spam firm MailFrontier Inc has done some testing with consumers to see if they could differentiate between legitimate e-mails and phish scams. The results, to me, were pretty shocking.
The company also has provided a similar test on its web site. Get an answer wrong, and we revoke your geek license on the spot."
But haven't fallen.
My parents got an e-mail stating that we were charged $3000 for a new Dell laptop. Never mind that we all use Macs.
So I check out the site... Looks professional, seems legit, but it asks for a bank account and social number on a non-secure connection... Phishy?
I checked out the root domain of the given address and ran a search to see to whom the site was registered. Definitely not a real company, an individual, and the root domain didn't exist as an accessible webpage. Not the kind of thing that is very professional. I bounced the e-mail back and dismissed it. Our credit bill the next month didn't have a Dell laptop on it. What do you know?
All it takes is some common sense to get out of these things, but perhaps real companies should start adopting S/MIME or PGP to ensure their identities to make it more apparent to a layperson.
Of course, a false company could just as easily hide behind these "foolproof" authentication mechanisms.
Help a college student
Honestly, I got through 3 examples before giving up. The real test for me is, "Is the link back to the official site? Or does it look like a link and take you to some mysterious 3rd party server?"
In this test *ALL* links pop up to a "for the purposes of this test, this link has been suspended" page. This makes the whole thing useless.
Anybody can copy a legit paypal or eBay email and change a few words and make it "look" real. The key is in the links and the data mining.
Honestly, it's pretty simple. Just never click on any link in any email. If it's from a company you deal with, type in the URL you know and love to find the information. The only one of the emails in that entire "quiz" I would have trusted was the one without any links, that simply said "go to ebay.com, click on your account." Anything else could be fake.
At the very least, copy and paste the URL rather than click it, and study it for 3 seconds before going to the site to make sure it looks like the site you think you're going to.
...is Social Engineering. Or Con Artistry depending on your tastes.
The average non-techie wouldn't know what a "Phish" scam was if it was sitting on their face, any more than they would know what a phreak was or why hacker, cracker, and coder all mean very different things.
I agree with GGParent. This crap should never have made it into the media. They're only going to be screwing it up.
Ad logicam: claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
If you didn't find that funny, then you definitely won't find this funny.
1st email: This one just tells you to log into the MSN site; it doesn't provide a bogus link or anything.
2nd email: This one does provide a link, plus for some reason the URL args flag my personal danger heuristics. The jagged do-this-or-else tone of the email also doesn't seem like it originates from a company that relies on its customers.
3rd email: It doesn't seem that eBay would hire a third party to create an ID system that the users would have to shell out money for. That, mixed with the external link, gives it away.
4th email: I personally hope a bank doesn't deal with security issues by relying on internet communication, but it doesn't sound right for a bank to contact a hacked account victim through email. Plus the 4 appended to the www part of the URL makes it seem that it could possibly be a false URL.
5th email: This email does not provide an external link; it tells you to go to PayPal. It also helps that the email also says to always type in the URL manually.
6th email: Again with the threatening tone, but this yells fraud more clearly when at the bottom of the email there is a blurb that says "This is a promotional message from EarthLink". Definite cut-and-paste job.
7th email: see 3rd email.
8th email: threatening tone..., external URL.
9th email: It helps that I've seen emails like this, but in this email you are not asked to provide any data, except for the tracking number in the URL, which they provided.
And lastly, the 10th email: A button! A button can be used to hide the URL from the casual user, and looking at the HTML shows that it goes to www.service-visa.net, which doesn't seem right for a COMmercial enterprise to have.
They didn't show up in Mozilla. Switched to IE and they worked. They were using IE-specific javascript to put the link text in the status bar.
Do you have Mozilla set up to forbid JavaScript from modifying the status bar (as you should)? If you do, then whether or not the JavaScript is IE-specific, it still wouldn't show the bogus link. I had to view source to see what they wanted to appear down there (mainly because I forgot about that setting until most of the way through the quiz).
"From my cold, dead hands you damn, dirty apes!" - CH
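The checks the commenters above apply by hand (does the visible link text match where the href really goes, does a button or form post off-site or over plain HTTP, does a script rewrite the status bar to show a fake URL) can be run mechanically over an HTML e-mail body. The script below is an added example written for this page, not code from MailFrontier or from any poster; the sample e-mails it scans are constructed, and the hostnames in them (203.0.113.5, secure-update.example.net) are placeholders, except www.service-visa.net, which is quoted from the quiz discussion.

```python
"""Heuristic link checks for HTML e-mail, modelled on the quiz discussion:
  - visible link text that names one host while the href points at another
  - links or form actions that leave the expected domain, or use plain HTTP
  - event handlers that assign window.status (the old status-bar URL trick)
All sample messages are constructed for this example; hosts are placeholders."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Matches text that looks like a URL or bare hostname, e.g. "https://www.paypal.com/"
_HOSTLIKE = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/:?#]|$)", re.I)


class LinkCollector(HTMLParser):
    """Collect <a href> / visible-text pairs, <form action> targets and
    any on* handler that touches window.status."""

    def __init__(self):
        super().__init__()
        self.links = []            # (href, visible text)
        self.forms = []            # form action URLs
        self.status_spoof = False  # True if a handler assigns window.status
        self._open = None          # (href, text chunks) while inside <a>

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)        # HTMLParser lowercases names; values may be None
        if tag == "a":
            self._open = (attrs.get("href") or "", [])
        elif tag == "form":
            self.forms.append(attrs.get("action") or "")
        for name, value in attrs.items():
            if name.startswith("on") and value and "window.status" in value:
                self.status_spoof = True

    def handle_data(self, data):
        if self._open is not None:
            self._open[1].append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            href, chunks = self._open
            self.links.append((href, "".join(chunks).strip()))
            self._open = None


def host_of(url):
    """Lowercased hostname of a URL, or '' when there is none (relative/empty)."""
    return (urlparse(url).hostname or "").lower()


def shown_host(text):
    """Hostname a reader would infer from link text, or '' if the text is not URL-like."""
    m = _HOSTLIKE.match(text.strip())
    return m.group(1).lower() if m else ""


def same_site(host, expected):
    """True if host is the expected domain or a subdomain of it."""
    return host == expected or host.endswith("." + expected)


def analyze(html, expected_domain):
    """Return a list of findings for one HTML e-mail body that claims to come
    from expected_domain. An empty list means none of the heuristics fired."""
    p = LinkCollector()
    p.feed(html)
    findings = []
    for href, text in p.links:
        href_host, text_host = host_of(href), shown_host(text)
        if text_host and text_host != href_host:
            findings.append(f"link text shows {text_host} but href goes to {href_host}")
        elif href_host and not same_site(href_host, expected_domain):
            findings.append(f"link leaves {expected_domain}: {href_host}")
        if href_host and href.lower().startswith("http://"):
            findings.append(f"link uses plain HTTP: {href}")
    for action in p.forms:
        action_host = host_of(action)
        if action_host and not same_site(action_host, expected_domain):
            findings.append(f"form posts to off-site host {action_host}")
        if action_host and action.lower().startswith("http://"):
            findings.append(f"form posts over plain HTTP: {action}")
    if p.status_spoof:
        findings.append("script assigns window.status (status-bar URL spoofing)")
    return findings


# Constructed sample messages: (html body, domain the mail claims to be from)
SAMPLES = {
    "spoofed_text": (
        '<p>Your account is suspended. Click '
        '<a href="http://203.0.113.5/login">https://www.paypal.com/</a> now.</p>',
        "paypal.com"),
    "button_form": (
        '<form action="http://www.service-visa.net/verify" method="post">'
        '<input type="text" name="card"><input type="submit" value="Verify"></form>',
        "visa.com"),
    "status_bar": (
        '<a href="https://secure-update.example.net/" '
        'onmouseover="window.status=\'https://www.ebay.com\'; return true">Sign in</a>',
        "ebay.com"),
    "clean": (
        '<p>Go to <a href="https://www.ebay.com/">https://www.ebay.com/</a> '
        'and click on your account.</p>',
        "ebay.com"),
}

if __name__ == "__main__":
    for name, (body, domain) in SAMPLES.items():
        print(name, "->", analyze(body, domain) or ["no findings"])
```

The "clean" sample is the one link style the quiz commenters said they would trust: the visible text and the href name the same host, under the domain the mail claims to come from, over HTTPS. Everything else trips at least one heuristic, which is the point of copying a URL out and reading it before visiting it.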