Features Podcasts Family Video Comics Music Tech Science Books Film & TV Games ✚

Jill

Recursive phishing email

Cory Doctorow at 11:55 am Sat, Jan 14, 2012

— FEATURED —

Feature

Eurovision 2013: An American in London

Book Review

The Twelve-Fingered Boy - mesmerizing YA horror novel

Book Review

Black Code: how spies, cops and crims are making cyberspace unfit for human habitation

— FOLLOW US —

Boing Boing is on Twitter and Facebook. Subscribe to our RSS feed or daily email.

 

— POLICIES —

Except where indicated, Boing Boing is licensed under a Creative Commons License permitting non-commercial sharing with attribution

 

— FONTS —

Tweet
Kindle

Bruce Sterling received a phishing email purporting to be a followup to a report of a phishing email. Coming soon: a phishing email purporting to be a phishing email purporting to be a followup to a report of a phishing email.

US-CERT is forwarding the following Phishing email that we received to the APWG for further investigation and processing.

Please check attached report for the details and email source

US-CERT has opened a ticket and assigned incident number PH0000005007349. As your investigation progresses updates may be sent at your discretion to soc@us-cert.gov and should reference PH0000002359885.

Phishing email arrives disguised as phishing email

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

MORE:  crime • fraud • Funny • phishing • recursion • security • Weird

More at Boing Boing

Eurovision 2013: An American in London

The technology that links taxonomy and Star Trek

  • Daniel Williams

    Link’s broken, which looks like is happening for all their permalinks right now.

  • jkg

    yo dawg we heard you like phishing emails

  • http://twitter.com/sqlrob Rob

    Yeah, I got one of these too.  Trojan attached.

    I think they reconfigured their spambots afterwards, but not very well. My next one was from Con-Ed, but the from address was US CERT.

  • Todd Knarr

    I’ve gotten a ton of these. I just trashed them on sight, figuring that a) if they were legit they wouldn’t be going to bogus addresses in my domain and b) US CERT wouldn’t be sending the additional information as an executable attachment. What’s annoying is that they’re coming from such a variety of sources that I can’t blacklist them effectively.

  • http://pulse.yahoo.com/_65IKZLRD2UOXASESFOIKALHANY ChipN

    Phishing is no small thing. US Education student loans service has selected an outside firm Nelnet.com to process and collect loan repayments, many $Bs from millions of students. The problem is, the list of student loans was stolen, used by Nelnet.net <–, with virtually indistinguishable Net (uses a 3rd-party e-mail) and billing stationery with a slightly different POB address, that surely $Bs of dollars are being bled away from US Treasury (US). "And nobody seems to notice, and nobody seems to care."

  • nixiebunny

    I get a fair number of Nigerian 419 spams that do the same thing. “We heard that you’re a sucker who got bilked by a Nigerian 419 scam, so let us fix it for you. You can trust us; we’re from the Nigerian government.”

  • irksome

    Why does this make me suddenly crave Morton’s Salt?

  • PapayaSF

    It’s hilarious that the ticket is “assigned incident number PH0000005007349″ and if you wish to send updates, reference “PH0000002359885.” It’s like all the Craigslist apartment rental scams where the number of bedrooms in the subject line doesn’t match the number in the main text. Scammers seem to be poor proofreaders.

  • jeligula

    Bruce rocks.   These wankers should leave him alone so he can write.

  • awjt

    OK, I take that back.  THIS recursion is boring.  The other one isn’t.

  • Palomino

    This is potentially dangerous because it hasn’t happened for awhile, it was common at one time. 

    • http://twitter.com/sqlrob Rob

      Hasn’t happened for a while? I’ve never stopped receiving phishes.

  • http://www.jimdraws.com Thorzdad

    My daughter suddenly started getting emails claiming they were “Important Information” from her bank. Attached to the email was password-protected PDF. There was no explanation other than instructions to use her account password to open the PDF.

    Sounds like a classic phishing email, right? She kept deleting them, accordingly.

    Turns out, though, they were legit emails from her bank. The password-protected PDF was a notice that she had overdrafted her account. Ouch!

    I can’t imagine how such a phishy method got adopted by the bank. Oh wait…I CAN imagine. They probably factored-in that many people would ignore the emails because they looked so obviously like phishing mails. That equates to overdraft fees! Profit!!!

    • Antinous / Moderator

      I’ve occasionally gotten a phishing e-mail the same day that I did a transaction with the business being used. I almost clicked the link.

      If I get an e-mail from my bank saying that I have an important message, I just go sign on the normal way to see if there’s something there.

  • http://www.genreville.com/ Josh Jasper

    PH000000ey!