Comments on: Recursive phishing email

By: Josh Jasper

Josh Jasper — Sun, 15 Jan 2012 22:13:00 +0000

PH000000ey!

By: Antinous / Moderator

Antinous / Moderator — Sun, 15 Jan 2012 21:59:00 +0000

I’ve occasionally gotten a phishing e-mail the same day that I did a transaction with the business being used. I almost clicked the link.

If I get an e-mail from my bank saying that I have an important message, I just go sign on the normal way to see if there’s something there.

By: Thorzdad

Thorzdad — Sun, 15 Jan 2012 20:47:00 +0000

My daughter suddenly started getting emails claiming they were “Important Information” from her bank. Attached to the email was password-protected PDF. There was no explanation other than instructions to use her account password to open the PDF.

Sounds like a classic phishing email, right? She kept deleting them, accordingly.

Turns out, though, they were legit emails from her bank. The password-protected PDF was a notice that she had overdrafted her account. Ouch!

I can’t imagine how such a phishy method got adopted by the bank. Oh wait…I CAN imagine. They probably factored-in that many people would ignore the emails because they looked so obviously like phishing mails. That equates to overdraft fees! Profit!!!

By: Rob

Rob — Sun, 15 Jan 2012 17:19:00 +0000

Hasn’t happened for a while? I’ve never stopped receiving phishes.

By: Palomino

Palomino — Sun, 15 Jan 2012 08:35:00 +0000

This is potentially dangerous because it hasn’t happened for awhile, it was common at one time.

By: awjt

awjt — Sun, 15 Jan 2012 04:41:00 +0000

OK, I take that back. THIS recursion is boring. The other one isn’t.

By: jeligula

jeligula — Sun, 15 Jan 2012 04:03:00 +0000

Bruce rocks. These wankers should leave him alone so he can write.

By: PapayaSF

PapayaSF — Sun, 15 Jan 2012 02:16:00 +0000

It’s hilarious that the ticket is “assigned incident number PH0000005007349″ and if you wish to send updates, reference “PH0000002359885.” It’s like all the Craigslist apartment rental scams where the number of bedrooms in the subject line doesn’t match the number in the main text. Scammers seem to be poor proofreaders.

By: irksome

irksome — Sun, 15 Jan 2012 00:41:00 +0000

Why does this make me suddenly crave Morton’s Salt?

By: nixiebunny

nixiebunny — Sat, 14 Jan 2012 23:46:00 +0000

I get a fair number of Nigerian 419 spams that do the same thing. “We heard that you’re a sucker who got bilked by a Nigerian 419 scam, so let us fix it for you. You can trust us; we’re from the Nigerian government.”

By: ChipN

ChipN — Sat, 14 Jan 2012 23:18:00 +0000

Phishing is no small thing. US Education student loans service has selected an outside firm Nelnet.com to process and collect loan repayments, many $Bs from millions of students. The problem is, the list of student loans was stolen, used by Nelnet.net <–, with virtually indistinguishable Net (uses a 3rd-party e-mail) and billing stationery with a slightly different POB address, that surely $Bs of dollars are being bled away from US Treasury (US). "And nobody seems to notice, and nobody seems to care."

By: Todd Knarr

Todd Knarr — Sat, 14 Jan 2012 21:06:00 +0000

I’ve gotten a ton of these. I just trashed them on sight, figuring that a) if they were legit they wouldn’t be going to bogus addresses in my domain and b) US CERT wouldn’t be sending the additional information as an executable attachment. What’s annoying is that they’re coming from such a variety of sources that I can’t blacklist them effectively.

By: Rob

Rob — Sat, 14 Jan 2012 20:58:00 +0000

Yeah, I got one of these too. Trojan attached.

I think they reconfigured their spambots afterwards, but not very well. My next one was from Con-Ed, but the from address was US CERT.

By: jkg

jkg — Sat, 14 Jan 2012 20:20:00 +0000

yo dawg we heard you like phishing emails

By: Daniel Williams

Daniel Williams — Sat, 14 Jan 2012 20:18:00 +0000

Link’s broken, which looks like is happening for all their permalinks right now.