Phish Scams Fooling 28% of Users
Etaipo writes "Anti-spam firm MailFrontier Inc has done some testing with consumers to see if they could differentiate between legitimate e-mails and phish scams. The results, to me, were pretty shocking.
The company also has provided a similar test on its web site. Get an answer wrong, and we revoke your geek license on the spot."
I passed with flying colors! This is an excellent quiz to send to your friends who are less internet-savvy. I found a common thread throughout all of them: "if you don't verify your account information, it will be suspended."
Homestarrunner.net -- It's Dot Com!
I got them all right, what most people forget is that reputable companies will never send you a link to update your account info. They will give instructions but never the latter. That is the dead give away that it is fake.
I got Verizon DSL service back in February. A month later, I got an e-mail that basically stated there was a problem applying the DSL charges to my phone bill. In the e-mail, which was sent to "Verizon Customer", they suggested I reply to the e-mail with my account name and credit card information.
I thought it was a scam, but left it in my inbox. Two weeks later my service was shutoff. Apparently the message was legit.
After I got the problem straightened out, I sent them a very nasty, yet informative, e-mail and they agreed that they will review their e-mail policies and apologized for sending such a message to begin with.
The problem is that "phishing" is describing this action specifically, rather than going out to the lake with a pole and a bunch of worms. It's been accepted into the lexicon, same as "phreaking".
Phishing also has the connotation of hoodwinking users, getting passwords, whatever, not just credit card info.
My blog. Good stuff (when I remember to update it). Read it.