Have You Seen Nailah Franklin?
“Mandela is dead.” Mistake or Metaphor?

Saturday Afternoon Phishing and Other Distractions

I received an e-mail from PayPal indicating I'd purchased a Dell Iaptop computer for $699 and my credit card would be charged. The invoice looked authentic and so did the URL. The shipping address for the computer was to:

Wayne E Bakewell
16 elm st
Brownsville, PA 15417
United States

I repeat that on the surface it appeared to be a legitimate e-mail. So I'm thinking…OK, I am not Wayne Bakewell and do not live anywhere near Brownsville, PA so this must be internet fraud.

Quick perusal of the PayPal website lead me to an e-mail address, spoof@paypal.com, to which fraudulent PayPal e-mails should be forwarded. I also deleted the message after forwarding it to PayPal. Minutes later I received the message below.

In a message dated 9/22/2007 5:19:35 P.M. Eastern Daylight Time, spoof@paypal.com writes:

Thanks for taking an active role by reporting suspicious-looking emails.
The email you forwarded to us is a phishing email, and our security team
is working to disable it.

What is a phishing email?
Phishing emails attempt to steal your identity and will often ask you to
reveal your password or other personal or financial information. PayPal
will never ask for your password over the phone or in an email and will
always address you by your first and last name.

Take our Fight Phishing Challenge at
https://www.paypal.com/fightphishing to learn 5 things you should know
about phishing. You'll also see what we're doing to help fight fraud
every day.

You've made a difference.
Every email counts. By forwarding a suspicious-looking email to
spoof@paypal.com, you've helped keep yourself and others safe from
identity theft.


The PayPal Team

A quick Google search showed that Mr. Bakewell has been quite busy. There is a Brownsville, PA Internet Fraud forum of which his antics are discussed. There were a few blog posts inspired by him also.

I'm sure you've heard it before, but be on guard for identity theft. These phishing tactics work or the criminals wouldn't used them. Don't get scammed.

Related links:

Anti-Phishing Working Group

OnGuard Online

How Phishing Works

Why Phishing Works (Research Paper)