New phishing attempt: this one is just sort of pathetic.

Posted on

I had two really sad phishing attempts in my inbox this morning, but just in case somebody out there isn’t sure, let me state this very clearly: these are fraudulent messages, and the only correct response is to delete them immediately.

Here is the full text of the first one:

From: Federal Credit Bureau
To: [not my email address]
Sent: Wednesday, December 23, 2009 10:00 AM
Subject: Your Credit Score has been decreased.

Your Credit Score has been decreased. You need to download your credit history file from Federal Credit Bureau website and carefully review it. Use your personal hyperlink.

==========================================
Federal Credit Bureau

And here’s attempt number two:

From: Federal Credit Bureau
To: [not my address again]
Sent: Wednesday, December 23, 2009 9:26 AM
Subject: You have some wrong items in your Credit Report.

You have some wrong items in your Credit Report. You need to download your credit history file from Federal Credit Bureau website and carefully review it. Use your personal hyperlink.

——————————————————————–
Federal Credit Bureau

In both cases, the word “hyperlink” contained a link to a website hosted at a “.co.uk” address.

The thing is, I know they’ll hook a few people with these messages, so let’s take a closer look.

For one thing, no federal entity is going to contact you via email, ever. Right away, you know this is a phishing attempt.

For another thing, federal entities (at least here in the U.S.) use a “.gov” domain. The “reply to” addresses for these were “information@fedcb.org” and files@fedcb.org.” That “.org” is a dead giveaway.

Finally, as stated above, the links contained in the messages took you to a “.co.uk” domain. For those of you who don’t know, that means a website hosted in the United Kingdom. The U.S. government doesn’t hostĀ its websites on overseas networks.

Of course, if you’re living in the U.K., this address might not immediately strike you as odd; but still, aren’t the British government’s websites hosted on “.gov.uk” domains, not commercial “.co.uk” sites?

As always, if you’ve received this message or anything similar, just delete it. That link takes you somewhere you do not want to visit, I guarantee it.