Recursive phishing email


15 Responses to “Recursive phishing email”

  1. Daniel Williams says:

    Link’s broken, which looks like is happening for all their permalinks right now.

  2. jkg says:

    yo dawg we heard you like phishing emails

  3. Rob says:

    Yeah, I got one of these too.  Trojan attached.

    I think they reconfigured their spambots afterwards, but not very well. My next one was from Con-Ed, but the from address was US CERT.

  4. Todd Knarr says:

    I’ve gotten a ton of these. I just trashed them on sight, figuring that a) if they were legit they wouldn’t be going to bogus addresses in my domain and b) US CERT wouldn’t be sending the additional information as an executable attachment. What’s annoying is that they’re coming from such a variety of sources that I can’t blacklist them effectively.

  5. ChipN says:

    Phishing is no small thing. US Education student loans service has selected an outside firm to process and collect loan repayments, many $Bs from millions of students. The problem is, the list of student loans was stolen, used by <–, with virtually indistinguishable Net (uses a 3rd-party e-mail) and billing stationery with a slightly different POB address, that surely $Bs of dollars are being bled away from US Treasury (US). "And nobody seems to notice, and nobody seems to care."

  6. nixiebunny says:

    I get a fair number of Nigerian 419 spams that do the same thing. “We heard that you’re a sucker who got bilked by a Nigerian 419 scam, so let us fix it for you. You can trust us; we’re from the Nigerian government.”

  7. irksome says:

    Why does this make me suddenly crave Morton’s Salt?

  8. PapayaSF says:

    It’s hilarious that the ticket is “assigned incident number PH0000005007349″ and if you wish to send updates, reference “PH0000002359885.” It’s like all the Craigslist apartment rental scams where the number of bedrooms in the subject line doesn’t match the number in the main text. Scammers seem to be poor proofreaders.

  9. jeligula says:

    Bruce rocks.   These wankers should leave him alone so he can write.

  10. awjt says:

    OK, I take that back.  THIS recursion is boring.  The other one isn’t.

  11. Palomino says:

    This is potentially dangerous because it hasn’t happened for awhile, it was common at one time. 

  12. Thorzdad says:

    My daughter suddenly started getting emails claiming they were “Important Information” from her bank. Attached to the email was password-protected PDF. There was no explanation other than instructions to use her account password to open the PDF.

    Sounds like a classic phishing email, right? She kept deleting them, accordingly.

    Turns out, though, they were legit emails from her bank. The password-protected PDF was a notice that she had overdrafted her account. Ouch!

    I can’t imagine how such a phishy method got adopted by the bank. Oh wait…I CAN imagine. They probably factored-in that many people would ignore the emails because they looked so obviously like phishing mails. That equates to overdraft fees! Profit!!!

    • Antinous / Moderator says:

      I’ve occasionally gotten a phishing e-mail the same day that I did a transaction with the business being used. I almost clicked the link.

      If I get an e-mail from my bank saying that I have an important message, I just go sign on the normal way to see if there’s something there.

Leave a Reply