Monday, June 30, 2008

Are These Guys Even TRYING??

As faithful readers know, I am intrigued by various bits and pieces of spam that come across my radar scope. Much of it is snagged by various filters, which is fine, but every so often one or two slip through. Some of them in the past have showed great ingenuity, and you can certainly see how they must attract marks. But some of them are so half-baked that you wonder how serious the spammer even is. For instance, here's this that arrived this morning:




Dear Customer,

MetaBank temporarily suspended your account.

Reason: Billing failure.
We need you to complete an account update so we can unlock your account.

To start the update process follow the link below :

https://www.ebankmeta.com/onlineserv/HB/Signon.cgi

Once you have completed the process, we will send you an email notifying
that your account is available again. After that you can access your account at any time.

The information provided will be treated in confidence and stored in our secure database.
If you fail to provide required information your account will be automatically
deleted from
MetaBank database.

Copyright @ 2005 MetaBank. MetaBank is an Equal Housing Lender. Member FDIC.

Note:
* If you received this message in your SPAM/BULK folder, that is because of the restrictions implemented by your ISP

* For security reasons, we will record your ip address, the date and time.
* Deliberate wrong inputs are criminally pursued and indicted.




Now, we do have MetaBanks in my community, so that's a plus. (You'd be amazed how many times my accounts have been suspended at banks that don't even operate in my locale!) I don't have any accounts there, but that's not the spammer's fault. The rest of it, though, is pretty ho-hum. Sure, there's the MetaBank logo, but come on...anyone can grab a logo off the interweb. The body of the message conveys no sense of urgency, while the best spam of this ilk makes me think I had better get on this johnny-on-the-spot or Dire Consequences will follow! This particular message, though, does nothing of the sort. It comes off as plain old housekeeping. Sort of like all the "important changes to your account" stuff we're forever getting from banks and credit-card companies. ZZZzzz.

Then there's the URL. It so happens that "https://www.ebankmeta.com/onlineserv/HB/Signon.cgi" does indeed take you to the real MetaBank, which is actually a little odd. If I'm one of those people who doesn't trust hotlinks and I copy-and-paste the address (as I did above), then I end up at the real MetaBank and thus out of the spammer's clutches. Which I'm pretty sure is a bad thing, from the spammer's point of view. I'd probably click around on the MetaBank website for awhile trying to find the place where I update my account, and when that failed I'd probably send e-mail via the bank's "contact us" link, at which point I'd learn I'd been duped.

All in all, it seems the spammer has not thought this through.


Those of us of a cynical nature, of course, like to mouse over the links in such messages and see where they really point to. And doing so makes me think this particular spammer needs to be looking for a new line of work, for his heart is clearly not in his current profession. The real link is to http://mail.rottenmann.at/kk.html. Rottenmann? I ask you! He might just as well have used http://www.ripyouoff.com. Crimeny!


And as it happens, following the link in Firefox 3 produces a Reported Web Forgery! page, which is fairly cool.


I'm in general not a big fan of internet entities "protecting" us without our asking them to do so (see "No Worries! AOL Is Watching Out for You!"), but Firefox at least provides an "ignore" option, unlike virtually every other "protector" I've encountered.

So I don't know. Maybe it's me, but it just seems like the glory days of spamming--the days of the truly imaginative spoof, the really admirable phish, the electronic confidence game crafted by people who took pride in their work and really put the "art" in "con artist"--have passed. Now it's all just one step, maybe two removed from virtual pan-handling. I fully expect to open one of these things one day and have it simply say, "Give me money."

Truly, the artists have all passed on.

No comments: