I get these with amazing frequency. As Bill has said, these folks are a bunch of dopes, because of their (to some of us) obvious use of improper grammar and spelling. But they keep at it, because enough innocent folks are bigger dopes apparently, and fall into these obvious traps.
I use Firefox as my browser and Outlook as my email client, but I pre-screen all messages on the POP server first with Mailwasher (www.mailwasher.net.) I have an older version (2.0.40 beta) and love it. It enables me to flag messages right on the server without downloading them to my computer, filter messages as from friendly sources like Phono-L, and identifies messages with attachments. Messages can be previewed from the server and deleted directly from the server without ever hitting my computer inbox. Junk messages may be marked for bouncing, which means if a legitimate return address is used, a phony bounce message will be transmitted to the sender appearing to come from my ISP's mail daemon stating that my email address is invalid. One of the best things about the program from the standpoint of identifying and combating phishers is that whenever a message contains a link, when it is previewed, Mailwasher identifies the URL which the link is actually linked to, so while the visible text of the link may read https://www.paypal.com/login, I can see that the link is actually coded to send me to http://boy_am_i_stupid_to_click_on_this.bg/paypal/please_take_my_account_inf ormation_and_steal_all_of_my_money.htm. Here is an example: I copied the following text from what Mailwasher displayed for me in the preview screen in a message my mail server received while the first messages from this thread were coming in: _________________________________________ P a y P a I - Notification You have added [email protected] as a new e-mail address for your account. If you don't agree with this e-mail and if you need assistance with your account, click here [links to http://www.google.com/url?sa=U&start=4&q=http://61.60.58.100/.www.paypaI.com /bin-cgi/webscr_cmd=_login-run/] and process your login. Please do not reply to this e-mail. E-Mail ID: PP998787 __________________________________________ Naturally, the message was already identified as probable spam and I deleted it off of the server. Don't want to sound like a commercial plug - I have no financial or other interest in the developer of this useful software - but I want to share my satisfaction in feeling like I have x-ray vision when it comes to spotting a spoof before I ever have to bother receiving it in my inbox. I feel like I am on a level playing field. On topic, I have had very little happening with regard to my phonograph or record collections, being financially strapped due to a carousel and band organ project which is well beyond my means. I've also suffered a traumatic relationship situation this past year which has knocked me for an emotional loop, and which has even put the other projects on hiatus. But I am out here in cyberspace, "lurking" and reading the messages from all of you and enjoying them very much. Best regards, Mark Mark S. Chester Phoenixville, PA www.whalompark.com www.wurlitzer165.com www.racc.edu www.nca-usa.org -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Loran Hughes Sent: Tuesday, March 21, 2006 12:06 PM To: Antique Phonograph List Subject: Re: [Phono-L] Paypal Spoof This is what is known as "phishing". They tend to target banks and Paypal. NEVER click on a link from even a seemingly official looking email from your financial institution. If you follow the instructions in the email, you're bank account will be drained and you may even become a victim of identity theft. These scams are being run by organized crime gangs primarily in Russia and east Europe. The emails are sent from networks of infected home PC's. Keep your antivirus up to date, run updates for your favorite operating system in a timely fashion, and make sure there is a firewall on your broadband connection. Otherwise it's only a matter of time before you will be contributing to the problem. An unprotected PC on broadband will, on average, be infected in about 12 min. If you use Microsoft Windows, I recommend using Mozilla Thunderbird for your email client. Not only does it have excellent junk mail filtering, it will also warn you if you click on a link in an email that it flags as suspicious. The upcoming IE7 and Firefox 2.0 will both have phishing site detection capabilities when released (towards the end of the year). In the meantime, you still have a much lower chance of infection by NOT using Internet Explorer - use Firefox or Opera instead. If you need a nearly spam-free email environment, try gmail. Loran
