Thursday, March 24, 2016

About that order you didn't request ...

The creativity and persistence of perpetrators of email "phishing" scams never cease to amaze me. The latest trend in this bizarre underworld of massive amounts of email sent to naive (or thought to be naive) email users is the email designed to look like an innocent business transaction.

I've received a large number of emails that alert me that payment is due on the order I sent or that I need to confirm my order before it can be shipped or that information on the payment owed to me is in the attached file. Only thing is, I didn't place an order, don't need to confirm any order and am not owed any payments from these enigmatic senders. I'm confident that if I were to click on the attached file or the embedded link, I would find my computer infested with malware, a virus or who knows what.

The fact that I have received nearly identical emails, right down to the subject lines of the emails, several time in one day, all from different senders, shows me the ubiquity of this latest scam. Word is apparently getting around in the phishing community that these fake orders and payments work better than the Nigerian prince who wants to deposit $6 million in your bank account.

The popularity among phishers for this ruse indicates to me that the scam is successful. There must be millions of infected computers around the world right now as a result of curious people clicking to see what they had ordered or what was owed to them.

The Internet has made it easier for thieves to find and steal from their victims. No need for guns or threats; their weapon is their victims' curiosity. That natural curiosity is probably wiping out bank accounts and ruining expensive computers.

No comments: