0 |
Subject: Phishing emails
Posted by: biliruben
- [3110231016] Fri, Dec 17, 2004, 20:07
I'd heard about these, and had gotten completely amateurish ones infrequently through the years, but I just got my second, very professional-looking one in two days, so I figured I'd give folks a heads-up:
[keybank symbol] Dear KeyBank customer,
We recently noticed one or more attempts to log in to your KeyBank account from a foreign IP address and we have reasons to believe that your account was hijacked by a third party without your authorization.
If you recently accessed your account while traveling, the unusual log in attempts may have initiated by you. However if you are the rightful holder of the account, click on the link below and submit, as we try to verify your account.
https://accounts2.keybank.com/ib2/Controller?requester=signon
The log in attempt was made from: IP address: 66.224.29.186 ISP host: 66-224-29-186.atgi.net
If you choose to ignore our request, you leave us no choice but to temporally suspend your account.
We ask that you allow at least 48hrs for the case to be investigated and we strongly recommend not making any changes to your account in that time.
If you received this notice and you are not the authorized account holder, please be aware that is in violation of KeyBank policy to represent oneself as another KeyBank account owner. Such action may also be in violation of local, national, and/or international law. KeyBank is committed to assist law enforcement with any inquires related to attempts to misappropriate personal information with the internet to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that perpetrators are prosecuted to the fullest extent of the law.
*Please do not respond to this email as your reply will not be received. For assistance, log in to your KeyBank account and choose the "HELP" link.
Thanks for your patience as we work together to protect your account.
Regards,
The KeyBank Team
The antidote, if you are unsure of authenticity (I was sure - I don't bank at Key) is to simply never response through the link in the email. Access the website directly.
Anyone else have some high-quality examples? |
1 | Perm Dude Dude
ID: 030792616 Fri, Dec 17, 2004, 20:19
|
Snopes has some good ones.
|
2 | Toral
ID: 22731114 Fri, Dec 17, 2004, 20:31
|
Nice letter. They should replace "If you choose to ignore our request, you leave us no choice but to temporally suspend your account." A little too pushy. I'd try "In case you are unable to respond to our request or this notice does not reach you, KeyBank will temporarily suspend your account after xx hours for your own protection."
|
3 | biliruben
ID: 3110231016 Fri, Dec 17, 2004, 20:34
|
Yeah Toral, until that point, I was searching my brain to make sure there wasn't some obscure way I was associated with Key - mortgage, CC, demonic ex-girlfriend.
When I hit that, I knew it was a fake.
|
4 | ¤ Mario LeMoose ¤
ID: 5311341719 Fri, Dec 17, 2004, 20:34
|
FraudWatch International ... very comprehensive list
That's FraudWatch, not FredWatch. ;-)
|
5 | Perm Dude Dude
ID: 030792616 Fri, Dec 17, 2004, 20:37
|
FredWatch lives with me.
|
6 | biliruben
ID: 3110231016 Fri, Dec 17, 2004, 20:42
|
Wow, Moose. That's a huge mess o' phish! I wonder what the "success" rate is?
|
7 | Tosh Sustainer
ID: 057721710 Fri, Dec 17, 2004, 22:16
|
I always thought antiphishing.org was a good site, but the above link is certainly in-depth.
This site released their November trends report (PDF) recently. These numbers come from page 1 ...
• Number of active phishing sites reported in November: 1518 • Average monthly growth rate in phishing sites July through November: 28% • Number of brands hijacked by phishing campaigns in November: 51 • Number of brands comprising the top 80% of phishing campaigns in November: 6 • Country hosting the most phishing websites in November: United States • Contain some form of target name in URL 22.1 % • No hostname just IP address 67 % • Percentage of sites not using port 80 19.2 % • Average time online for site 6.2 days • Longest time online for site 31 days
|
8 | KTx
ID: 260241717 Mon, Jan 17, 2005, 18:24
|
I received the same thing for Citi Bank. I was actually quite impressed with it because of the url it sent. I didn't click it instantly because I was too lazy (laziness pays off this time). Then I decided to see if they would really do anything to my account so I left it alone.
I should have known right from the beginning however because I have seen this type of stuff so many times in the AOL Days when people would phish for AOL Accounts. Incredibly enough, the success rates on those were relatively high. Although you couldn't really do THAT much with an aol account besides costing others a lot of money (charged by the minute at the time).
|
|
|
Post a reply to this message: (But first, how about checking out this sponsor?)
|
|