Log in

No account? Create an account
.:..::::.:. .:...:: ..:.:.....: .... ..:: .:::: ..: .::: .: ::: .:::.:.:.:.
Ouatic-7 [userpic]
Phishing with Snakes

Just got a billet-doux with the subject "Amazon Payments Billing Issue". It was clearly phishing.

The letter contained this link:


disguised as something clearly Amazon.

Anyways, I was curious so I entered this address:


This pops up with a message saying there is trouble with the certificate. On viewing the certicate I find it was issued by:

E = ca@snakeoil.dom
CN = Snake Oil CA
OU = Certificate Authority
O = Snake Oil, Ltd
L = Snake Town
S = Snake Desert
C = XY

I find this mildly amusing.

Mood: curiousNosy

Now, I was getting the same thing a couple of months ago claiming to be AOL. Not that i followed the links, just asked AOL if they had an issue. They didn't. Kind of dumb, who believes this stuff?

Perhaps the less experienced and less cynical; the same folks who fall for the Nigerian scam?

Really yanks the old heart strings, that does.

Actually, now that I think on it probably not the same folks as the Nigerian scam; that offers a lot of money while these phishing scams hit (thick and ignorant) folks who are just trying, ironically, to protect against identity theft.

I guess it pays to be old and wily. Beats the alternative anyway.

I would enjoy stepping back to age...Hmm, not too young, 26 or so, with all that I know now. Heh, clean up in a big way.

Very sneaky.

Snake oil? Heh.

Interestingly, Amazon doesn't list specific email addresses that you can use; instead, it presents you with a form to fill out. Ebay and PayPal both have "spoof@[domain].com" addressees for reporting this kind of thing.

I just love the honesty here.