Wednesday, February 06, 2008

worst phish evar

I got a phish at my hotmail account. This in itself is not unusual. What's unusual about this one is that it has to be the worst phishing letter I've ever seen. When I get a 419 letter, I expect the grammar and so on to be a little off, because the sender is Nigerian, or at least pretending to be Nigerian. But this is just lazy:

Dear Bank of Lancaster County client,

You have received this email because you or someone had used your account from different locations.

For security purpose, we are required to open an investigation into this matter.

In order to safeguard your account, we require that you confirm your banking details.

The help speeed up to this process, please access the following link so we ca complete the verification

of your Bank of Lancaster County Online Banking Account registration information.

[link redacted]


If we do no receive the appropriate account verification within 48 hours, then we will assume this Bank of Lancaster County

account is fraudulent and will be suspended.

The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud

from our community. We appreciate your support and understanding and thank you for your prompt attention to this matter.

© Copyright 2007 Bank of Lancaster County is an affiliate of Sterling Financial Corporation.
------------------------------------------------
------------------------------------------------

The link didn't even work. Amateurs.

2 comments:

Heidi said...

Heh. I think my favourite part is that I get these emails from banks that I've never even thought about opening accounts with. Someday I may check into one of the links and make something up, just to see what happens. I'd probably get another message saying, "Someone gave us false information on your account and we have reason to believe your account security has been breached." lol

Octavia said...

Yeah, the Bank of Lancaster County is located in Pennsylvania - I have to wonder how efficient it is to do wide-scale phishing using a regional bank. Sometimes I will go to the websites just to see whether they've put up a good spoof.