New Spam… now tastes even less like meat September 10, 2005 at 3:26 pm

[ Viewing: “The Fifth Element (Ultimate Edition)” (Luc Besson) ]

Just yesterday, I got what is perhaps the worst attempt at a phishing spam ever. It’s your typical attempt to make me think paypal paid something on my behalf, and that I need to follow a link to contest it. It came as a 2 part message, text and html.. people that know me, know that I don’t use an HTML mail reader, I use one called Tkrat. Yes, even under OSX. So I get to see the text part of the mail rather then the html part (and anytime I get a real email that’s html that I care to read, I just dump it to a file and read it in a browser.. where html is meant to be seen).

Anyway, I looked at the HTML source, and it’s a pretty generic phish.. the link you see seems valid, but the real link leads to a completely different box where they’ll harvest the login and passwords of anyone dumb enough to buy the mail.

what cracks me up is how lame the rest of the phish is.. the header isn’t even spoofed well, and I don’t mean the Received lines that most people don’t see.. the From and To lines are obvious:

From: “PayPal” <>
Subject: This email confirms that you paid MICROBAZAR ( $175.85 USD using PayPal
Date: Fri, 09 Sep 2005 20:03:00 +0100
To: me
Reply-To: “PayPal” <>

I mean, you’d have to be blind and stupid to not notice that the From isn’t really from paypal.

but the body of the text part of the message is just classic:

But they need to remember how eagerly near toothpick reads a magazine.Unlike so many mirrors who have made their federal microscope to us.When you see minivan of, it means that behind haunch meditates.If graduated cylinder related to hockey player give secret financial aid to living with lunatic, then jersey cow toward beams with joy.

I can only assume the sender used some kind of script that either grabbed random bits of posts from usenet or web pages, or just randomly threw words together.


Ooh.. maybe it’s secret code. 😉

Leave a Reply