AOPA Credit Card scam

On Sun, 20 Mar 2005 07:40:12 -0600, "Jim Fisher"
wrote:

"Roy Smith" wrote in message news:roy-
They are also getting increasingly sophisticated. I used to be able to
tell immediately from the shoddy graphics that it wasn't the real thing.
Not long ago, I got one phishing for my Citibank info that I couldn't tell
apart from the real thing.

Well, perhaps cosmetically. There's so many other clues that it is a scam
that one has to wonder at who would actually respond to these things.

My profession has been computers since 1990. I've noted the scams
have gotten far more realistic in the last 6 months.

Only some one who knows enough not to use the new ones even if they do
appear to be legit would escape. That means the vast majority of
usres are vulnerable and without a clue.

Roger Halstead (K8RI & ARRL life member)
(N833R, S# CD-2 Worlds oldest Debonair)
www.rogerhalstead.com

Recently, I received a very legitimate SunTrust Bank scam. I was bored and
decided to go ahead click the links and fill out the form with required (but
fake) information. Y'all ought to do it sometime. It is quite interesting.

They asked for my name, address, phone number, mother maiden name, Social
Security number, bank account & routing number, and other information that
was very personal that no bank would ever request. It is very difficult for
me to imagine someone who would be so naive or stupid enough to actually
enter real information.

I consider it Digital Darwinism. Some folks just don't need to own a
computer.

On Sun, 20 Mar 2005 10:46:04 -0500, Roy Smith wrote:

"Jim Fisher" wrote:
They asked for my name, address, phone number, mother maiden name, Social
Security number, bank account & routing number, and other information that
was very personal that no bank would ever request. It is very difficult for
me to imagine someone who would be so naive or stupid enough to actually
enter real information.

Con games have been going on forever. I first heard of the "I found some
money and I'll split it with you, but you have to put up $X to show your
good faith" scam when I was a kid (my father told me how it worked).

I next heard of it a bunch of years later when a woman I was working with
fell victim to it. She came in one morning and started telling a strange
story of how somebody approached her and said they had found $10,000 or
some such. She was flabbergasted when I finished the story for her.

These days, the same scam is still going around, the only difference being
that email has taken over as the transmission mechanism. These scams
survive because they continue to work.

They survive and continue to work because people are greedy and are
then embarrested too much to say they were scamed.

As you say, they are nothing new, but the delivery method has changed.

Roger Halstead (K8RI & ARRL life member)
(N833R, S# CD-2 Worlds oldest Debonair)
www.rogerhalstead.com

On Tue, 22 Mar 2005 16:49:31 -0600, "Jim Fisher"
wrote:

"Roger" wrote in message
But, what the hey... with the money I've come into this last week from
three international lotteries, The widow who wants me to help her move
her late husband's money to the US, three oil investments, and 3 or 4
lawyers, trusts, estates, (you name 'em) I should have close to $200
million USD coming in.

Hey! Butt outta my territory! I'm handling the widow thing.

I also have an ex-prince wanting my help. Top that!

Maybe we can work out some kind of equitable trade. I'll take care of
the cash on this end and you fly over to take care of the deal in
person?

Roger Halstead (K8RI & ARRL life member)
(N833R, S# CD-2 Worlds oldest Debonair)
www.rogerhalstead.com

On Sat, 19 Mar 2005 15:00:35 -0500, Peter Clark
wrote:

On Sat, 19 Mar 2005 12:09:52 -0500, Jay Somerset
wrote:

On Sat, 19 Mar 2005 07:51:37 -0500, Peter Clark
wrote:

They're also pretty easy to pick out because the link has an IP
address rather than a name. Sending you to http://1.2.3.4/whatever
and sucking the information from inattentive people is much easier
than having the link point to http://www.mbna.com and attempt to
redirect the real sitename to their data-gathering box.

Unfortuantely, not true! There are ways to fool your browser (any browser)
into displaying what looks like the legitimate URL in the status/message
bar, but which really is not. Uses special characters that have a defined
meaning in URL syntax, but are not displayed, and not widely knowm.

Perhaps I'm spoiled by Eudora, but I don't even click on an emailed
link unless the preview of what it's going to launch to
Explorer/whatever shows up with proper English characters, and a real,
known, sitename.

What would you do in my case? I go to a number of Asian and Indonesian
sites and receive legitimate e-mail from those areas.? :-))

Last year my Daughter spend over a month in mainland China and nearly
three weeks in Indonesia. (She left for home just one week before the
Tsunami)

The food caught up with Kevin on a long flight from Tibet to the
coast. They travel enough it usually doesn't stay with them for long.

Roger Halstead (K8RI & ARRL life member)
(N833R, S# CD-2 Worlds oldest Debonair)
www.rogerhalstead.com

Boils down to if it doesn't seem/look right, it's not. Any question,
just launch the browser yourself and go to the site directly.

On Mon, 21 Mar 2005 13:18:45 -0500, "John T" wrote:

Jay Somerset wrote:

The only way to be absolutely sure
would be to copy the URL to an ascii text editor that doesn't
understand what a URL is supposed to be, and cxheck that way.

Or save yourself a step and just set your email client to "text only" mode.

People just don't realize, or won't believe just how many headaches
that eliminates. As far as I'm concerned they shouldn't even allow
HTML e-mail.

Roger Halstead (K8RI & ARRL life member)
(N833R, S# CD-2 Worlds oldest Debonair)
www.rogerhalstead.com

Roger writes:


Perhaps I'm spoiled by Eudora, but I don't even click on an emailed
link unless the preview of what it's going to launch to
Explorer/whatever shows up with proper English characters, and a real,
known, sitename.

What would you do in my case? I go to a number of Asian and Indonesian
sites and receive legitimate e-mail from those areas.? :-))


I read mail with elm and news with nn. Both text. I laugh
at all phishing and 419's.... as well as the virus attacks.

--
A host is a host from coast to
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

Roger wrote:

This is one of the hazards of using HTML e-mail. I use text only.
Clicking on the link can take you to the bogus site while typing in
will not.

I've never been able to find the setting for this in Netscape. There's a setting
to specify text/HTML in outgoing mail, but not for incoming.

George Patterson
Drink up, Socrates -- it's all-natural.

George Patterson wrote:
I've never been able to find the setting for this in Netscape.

The best way to configure Netscape mail is to drag it into the trash and
download Thunderbird instead :-)

("Roy Smith" wrote)
I've never been able to find the setting for this in Netscape.

The best way to configure Netscape mail is to drag it into the trash and
download Thunderbird instead :-)


I'm running T-bird. Couldn't find the HTML setting in question there either?


Montblack

In rec.aviation.owning David Lesher wrote:
: I read mail with elm and news with nn. Both text. I laugh
: at all phishing and 419's.... as well as the virus attacks.

Hear, hear! Not to mention that IRIX is pretty immune to PC trojans..
--
Aaron Coolidge (elm for mail, tin for news!)