A new kind of phishing

Well, so much for the Nigerian prince schemes – those wild ‘n crazy foreign scammers have finally gotten a little smarter. Take, for instance, the message I received this morning from a “customer”:

I’m in some kind of deep mess right now,my family & i came down here to London,England for a short vacation to visit a resort and got mugged at gun point last night at the park of the hotel where we stay.All cash,credit cards and cell were stolen off me.I’ve been to the  embassy and the Police here but they’re not helping issues at all,our flight leaves today and I’m having problems settling the hotel bills.

The hotel manager won’t let me leave until i settle the hotel bills(1,550GBP) now am freaked out.Please reply and let me if can you have the money wire to me through western union i promise to pay back as soon as i get back home.

Thanks so much,

Now, the message itself isn’t exactly gold – on the one hand, I know the purported sender to have far better grammar and spelling skills; but on the other hand, a person in panic writing quickly could make such mistakes. Likewise, the message’s headers were clearly (and poorly, might I add) forged.

But the message did have one unique redeeming quality – the signature (“Thanks so much, Kate”). It’s a small touch… but even I had to look twice when I first saw the message. It added an hint of possible legitimacy that just doesn’t exist in other high-volume phishing attempts I see every day.

See, this person ends many of their non-formal emails with “Thanks so much, Kate” (name changed). About the only way to know this would be to have seen one of their outgoing messages. Since there are dozens of them published in their mailing list archives – which are publicly accessible, indexed by Google, and viewable by anyone who cares to dig them up – I’m betting that’s how it was found. The fact that this person otherwise goes by a longer version of their name helps confirm my suspicions.

What may seem like four little words are, in this case, actually a small piece of “insider information” that may cause less skeptical people to hit the Reply button.

Speaking of Google, a quick search revealed that this tactic (along with the same exact message) is gaining popularity. It also seems that our scammer is greedier than the average; most examples only ask for 1,000 pounds.

At any rate, the moral of the story is: be cautious. They’re getting just a little bit smarter every day.