To get back to the funny bits, if not technically the phishing bits, one of my favorite genres is the blog comment so spammy yet so incoherent that it’s nearly poetry. A real example:
Thank you for the good writeup. It in fact was a amusement account it. Look advanced to far added agreeable from you!
Your principles should definitely outweigh your needs.
Personal case in point - during a prolonged bout of unemployment, I took a temp job with a local engineering firm, only to find out they made weapons (they actually had a picture on the wall with all the engineers surrounding a bomb with a plaque on it that read, ‘Our One Millionth Bomb’.
Well, I stuck it out for the term of the contract, but turned it down when they offered to hire me permanently. I told them that frankly I’d rather starve.
While it’s not the same thing, I work in retail and we need to be mindful of people trying to buy large quantities of top up cards like iTunes or Steam. A sadly common thing is scammers convincing people they’re the HMRC (British equivalent to the IRS) and trying to get them to make a payment of £200+ using these cards. Yes, people do fall for these things and more often than you think. Usually they’re elderly or otherwise vulnerable persons and it’s an awful thing because they’re usually quite scared and distressed about the situation. Sometimes they’re even on the phone to the scammer when they come into the store. If we suspect they’re someone being taken for a ride we’ll let them know and reassure them they’re being scammed.
Damn can your UI force that? Ouch. Up here part of the deal if you get employment insurance money is dependent on being available and willing to work, and some may be required to show proof of attempts to find employment, but in a case like that if you have a genuine reason you shouldn’t accept work somewhere, it shouldn’t be held against you. May be reviewed, but they would likely prefer to know something suss is going on there.
If you need x-number of applications a week, sometimes you have to apply someplace you’d rather not work. And sometimes those folks contact you for interviews. Also, if you use a temp agency they might send you someplace which gives you bad vibes, but you can’t just refuse to attend the interview. Again… [clears throat] this is what I’ve heard. [nonchalant whistle]
For this thread I’ve delved into my spam folder. Good stuff in there.
“Our data shows you are a recipient of USA cash money!”
“Confirm your informations!”
I have a reverse-Nigerian scam in which the sender claims to be from Interpol trying to return money recovered from the many internet scammers whom they have arrested: "Our duty is to make sure we stop internet scam and money laundering. As for today we have put a lot of fraudsters in jail. We go all over Africa to pick this thieves/internet rats. We have over 8,273 of them in our jails round Africa and we are still looking for more. " That one wins the award for irony!
I have one of the “send us $50 in Steam cards” from someone claiming to be Louis DeJoy, as if I’d trust that monstrous pig even if it really were him.
We invite all interested project owners and investors to our project financing programme. I am the investment officer of a UAE based investment company.
We are ready to fund projects outside the UAE, in the form of debt finance, We grant loans to both Corporate and private entities at a low interest rate of 2.5% ROI per annul.
The terms are very flexible and interesting. Kindly revert back if you have projects that need funding for further discussion and negotiation.
I just got an email that snuck past my spam filters claiming to be from Amazon. Looked all official, claimed there was a possible security breach etc…etc. They might have fooled me too, if one click later they hadn’t asked for my SS#. Nice try, you little buggars, but I’m off to change my passwords just in case.
Three words: two (or multi-) factor authentication. Even if your password is breached, the second piece of security needed to access your account(s) is something only you have in the form of either a constantly changing one-time password or a physical cryptographic security key that needs to be presented/inserted upon demand.
And none of this email or SMS-based stuff — both of those methods are about as secure as sending a secret message written in plain text with large block letters on a postcard (though making the codes time-limited helps). The email protocol was deliberately created to be simple and human-readable for debugging purposes back when the Internet was still just ARPANET, and SMS was initially just a way to send short messages over existing telephone signalling paths. Encryption was still considered a munition by the U.S. government, and secure messaging was the last thing on their creators’ minds. They’re too easy to compromise.