Gone Phishing

Tom Dunne

I'm teaching a computer class and part of the syllabus involves the interweb.

To re-inforce the whole concept of phishing and security in general, I'm looking for examples of phishing e-mails anyone might have recieved from Irish financial institutions.

So if you have any in your spam I would really appreciate it if you could forward them to me, thomas.dunne at gmail
.
.
.
dot
.
.
.com

(edited by Khannie to stop the bots....they parse now for simple changes like suck.my at balls dot com)

hobie

try this google link for lots of examples ....

http://www.google.ie/search?hl=en&q=phishing+e-mail+examples&meta=

ps. "interweb" ..... Wassat ???? .... lol

Ruu_Old

I get them from Barclays (not Irish but similar methods) often, forwarded one.

netwhizkid

You do realise you will have plenty in your inbox soon for posting your addy online :eek: albeit in a non hyperlink fashion. I should have one or two lying around my mailbox, if i root them out I shall forward them on OK. I have gotten them from Ebay and Chase Bank USA, I deliberately posted a email address on several guestbooks and forums a while back to get some 419Scam letters, as I was going to start messing with them but I quickly got bored of it, not as fun as it looks!

trout

i had to give an presentation on this in work a few months back ... interesting field to research and present on ...

this link may help you OP ... load's of real world examples
http://www.antiphishing.org/phishing_archive.html

for a little light relief on a related topic, try this site out

http://www.419eater.com/html/hall_of_shame.htm

i may still have the powerpoints floating about ... one of them might be useful to you ... it compared a phishing site and a real banking site side by side ... it's scary how good the phishing site looked ... let me know if you want it

good luck!

Tom Dunne

netwhizkid wrote:

You do realise you will have plenty in your inbox soon for posting your addy online :eek: albeit in a non hyperlink fashion.

Don't worry, that's not my day to day e-mail address. I'm not that silly

Thanks for the links guys, I am specifically looking for Irish Institutions to drum home the point.

i may still have the powerpoints floating about ... one of them might be useful to you ... it compared a phishing site and a real banking site side by side ... it's scary how good the phishing site looked ... let me know if you want it

Thanks, I would appreciate anything you would be willing to share.

greglo23

a handy little tool you could show your class is the report web forgery tool in firefox 2.0
the browser is available here http://www.mozilla.org/projects/bonecho/all-rc.html

Ruu_Old

You can pick bits off this website to use, it has some of the most common examples of phishing there.

Tom Dunne

Excellent resource, Ruu, I had forgotten about that site.

rogue-entity

Got one today reporting to be from PayPal.
The link they suppled was for paypal-us.com, which doesnt actually exist.
And clicking the link went to a completly different URL, without HTTPS unlike what the text claimed it was for. I clicked on the link and got a perfect example of PayPals site. They told me my security questions had changed and if I didnt authorise it I should contact them.

I used Gmails "report phishing" link, but I dont know if I should send the email to anyone else like PayPal or the FBI or something.

Tom Dunne

rogue-entity wrote:

I dont know if I should send the email to anyone else like PayPal or the FBI or something.

You could forward it to me.....

hobie

and a copy here too ? .....

If you are in any doubt that an email you have received or a website you have visited is fraudulent, report it immediately to spoof@ebay.co.uk orspoof@paypal.co.uk and forward the entire email. If you are registered on eBay.ie you should report the email to spoof@ebay.ie or spoof@paypal.com. We will reply promptly letting you know whether or not the email or website is fake or genuine. If you are in any doubt at all, always check - it is worth taking the time to be sure.

a bit more info here for Tom .....

http://pages.ebay.co.uk/safetycentre/spoof.html

trout

OP .... haven't found those powerpoints yet .. will keep looking ... if i get them, should i just mail to that gmail address you gave in the first post ??

Tom Dunne

Please, if you don't mind. Much appreciated.

Khannie

I got an attempted phish from a bid I made on ebay. Sneaky b*llix saw that I was outbid for an expensive fusball table (was purchasing on behalf of my company, so the budget was substantial enough) and offered me a "2nd chance" purchase. Nasty beggar. I can forward that if you want it.

Mutant_Fruit

Email 1:

Dear Friend,

I know this email will come to you in good faith
you have not received any prior communication from me before now.


But be that as it may, my name is Mr. Melvin Samson and I was
privileged to be the account officer of my deceased client who lost his
life sometime ago.


In the process of review of the financial report by my bank, I discovered
that both of you have a similar last name, hence I contacted you so that I
can bequite you further on my intention and how to disburse the
money he left behind.


I will most acknowledge your prompt response as that would enable us to
start something immediately.I look forward toreciving your reply.

Sincerely,

Melvin.

My reply:

Hi,

How is it that i can help? Am i related to this person? Was this email sent to me in error?

Look forward to hearing from you,
Sincerely,
???????

His reply

My Dear ???????,

Greetings !

Thanks for your response to my mail. The name of my deceased client was Mr. Anson [My Second Name Here]. He died in the year 2002 from Cardiac Arrest, I work for Grant Trust International Bank Plc. Here in Nigeria West Africa.

Since you share the same last name with him hence I contacted you to help in repatriating the funds left behind to any account of your choice. I got your address from the Internet in my search for a reliable person that would help me in this transaction.

The amount of funds left behind was Five million United States dollars only, and I would want us to share it 50/50 after we have successfully transferred it into your nominated bank account. It is now very obvious that he died interstate, as I have already made further inquiry to ascertain this. And this is where and why i contacted you, as the money is now marked unclaimed with my bank.

Normally After five fiscal years and nobody comes up to claim the funds it would be marked dormant and reverted back to the bank's general coffers and shared among the directors. This I do not want to happen.

I now solicit your sincere cooperation so that we can work together to get the funds out of the bank before it goes back to the bank. After we might have talked I would send you an application text, instructing you on how to apply officially to the bank for the fund
release.

I will like you to provide me with the following.

a,Your telephone number
b,Your complete names
c,Your mailing address
d,Your Occupation

Hope to hear from you soonest. You can call me at +234
80 5759 5230

Best regards,

Melvin.
Phone number:+234 80-5759 5230
Address: No 12 okoro street
VI, Lagos Nigeria

I'm still wondering if i could be bothered replying again I've had my fun

Tom Dunne

khanie wrote:

I got an attempted phish from a bid I made on ebay. Sneaky b*llix saw that I was outbid for an expensive fusball table (was purchasing on behalf of my company, so the budget was substantial enough) and offered me a "2nd chance" purchase. Nasty beggar. I can forward that if you want it.

Thanks for the offer, but my target audience are all complete beginners and to be honest, explaining the workings of e-bay and how you can get a second chance would be a little too far off the syllabus for them.

Ideally, if I can show them something familiar like Bank of Ireland or AIB, I think that would drive the point home better.

trout

tom dunne wrote:

Ideally, if I can show them something familiar like Bank of Ireland or AIB, I think that would drive the point home better.

check yer gmail account now ... <ahem ahem>

subway

http://www.millersmiles.co.uk/search/Bank_of_Ireland

thats all the BOI ones afaik

JohnK

theres a trojan in that page subway

mike65

I got 7 Barclays phishers today alone.

Mike.

Ruu_Old

mike65 wrote:

I got 7 Barclays phishers today alone.

Mike.

Not far off that mark myself.