[X4U] re recent thread on paypal phishing emails

Ed Gould edgould1948 at comcast.net
Wed Mar 18 15:53:13 PDT 2009 

On Mar 18, 2009, at 2:43 PM, John Baltutis wrote:

> On 3/18/09,  Ed Gould <edgould1948 at comcast.net> wrote:
>> On Mar 18, 2009, at 12:09 AM, Linda wrote:
>>> On 3/17/09 11:42 PM, Ed Gould wrote:
>>>
>>>> Victims, perhaps on one level but in the scheme of things I would
>>>> trust credit cards over paypal any day.
>>>
>>> That's your opinion, and that's fine, of course. But others of us  
>>> have
>>> different opinions, and the other folks are right when they say  
>>> that if you
>>> don't forward the phishing messages back to the abuse/spoof
>>> department of *whatever* organization it is, it's impossible to stop
>>> phishermen.
>>
>> Here is an example and then you tell me.
>> I got an phishing email, so I thought I would report it.
>> I went to the banks web site and I looked and looked and looked and
>> could not find any contact information.
>> The only way I could contact them was *IF* I had an account.
>> Now you tell me who should I contact in those circumstances?
>> I know some places do have contact info but (a lot of) other do not.
>> Another example this is closer to home. I decided to report a
>> phishing incident to PAYPAL and yes I finely found the reporting
>> email address but it did take me 15 minutes of digging.
>> If companies *REALLY* want them reported then they should not bury
>> the report address, no?
>>
>> Some companies are clueless and should they be rewarded because of
>> their less than lets say competence in the world of the Internet?
>
> Here's a counterexample. I note that Wells Fargo bank is a favorite  
> phishing
> target. So, I entered <http://www.wellsfargo.com/> into my browser,  
> was
> redirected to <https://www.wellsfargo.com/>, and at the page's  
> bottom is a link
> to "Report Email Fraud." I suspect that's true for most banks. And,  
> no, I don't
> have an account with Wells Fargo Bank.
>

SIgh.. I said most banks... I can also show ones that do not. So we  
are both right. The English banks are probably the worst from the 3-4  
phishing attempts that I have seen.

But American banks as well (although some do better than others). I  
am still mystified as to why they thought I had an account at an  
English bank. I know they send out thousands (hundreds of?) such  
emails hoping they will get a sucker. But anyone with minimal  
knowledge of email address would indicate that COMCAST is not an  
english ISP.

But I guess its cheap to do so (free?) so why not send it why bother  
sending out "bad" ones.

Ed

More information about the X4U mailing list