Western Union phishing email: “Your Money Transfer Control Number: 590575482”

Here is the full text of an email message I received Wednesday morning:

From: westernunionresponse@mail.westernunion.com
To: [as usual, not my address] 
Sent: Wednesday, January 06, 2010 9:26 AM
Subject: Your Money Transfer Control Number: 590575482

Dear customer,

Thank you for using the Western Union Money Transfer®.

Your money transfer has been authorized and is now available for pick up by the receiver.

Transfers to certain destinations may be subject to further delay or additional restrictions.

TRANSACTION DETAILS:

Your Money Transfer Control Number [MTCN] is: 590575482

Please use this number for any inquiries.

Date of Order: Wed, 6 Jan 2010 16:26:48 +0100
Amount Sent: $94.50

You can cancel this transfer by using the hyperlink below:

http://wumt.westernunion.com/WUCOMWEB/transactions/HomePage/cancel.php?session=&mtcn=590575482&summ=94.50&date=Wed, 6 Jan 2010 16:26:48 +0100

Thank you for using Western Union!

————————————————————————–
DO NOT REPLY TO THIS EMAIL.

I knew right away this was a phishing email. If I didn’t have these articles to write, I would have deleted it without even looking at the message itself.

Usually, when we think of “phishing,” the first thing that comes to mind is an urgent message that appears to be from a financial institution, instructing us to visit a website and log in to “verify” our account information. This results in revealing personal and account information to someone who will use it for theft (financial, identity or both).

This is a different tactic: make the recipient think a withdrawal is about to be made from their account, and hope they panic and click the link to cancel the transaction.

There is a distinct advantage to this method: when you send a message that claims to come from a financial institution, you usually have to pick one, which limits your potential victims.

For example, if you send out a million messages that look like they came from Chase or HSBC, 90% of your potential victims don’t have accounts at the institution you picked. They recognize it as phishing right away (and will likely recognize your next attempt as such, even if you happen to pick an institution they have a relationship with).

With this Western Union attempt (and its direct ancestor, the PayPal Phishing Email), they take advantage of the fact that anyone can use Western Union. You don’t have to have an account with any particular institution to wire money this way.

Now, I’ve never used Western Union. In fact, at my previous job as a bank teller several years ago (!), I completely weaseled my way out of learning how to use their new Western Union machine, because it arrived during my last two weeks on the job and I didn’t feel like getting into it. Yes, I told them that.

However, a quick look at their website tells me you can wire money online, and I’d be willing to bet that the text of this phishing email is directly taken from a legitimate Western Union message. In fact, the text of the message uses a real website (wumt.westernunion.com).

The thing is, if you look at where the link actually takes you (it’s not the same as the text in the message), it’s a website hosted at “wumt.westernunion.com.yhe3essr.com.pl.” This is a classic phishing-style URL. Like I said, I’ve never used Western Union, and I don’t know much about them. However, I know this much: they’re not based out of Poland (.pl).

I wonder what happens if you follow that link—does it try to steal personal information, or does it install malicious software (or both)? I sort of wish I had a junk computer to try it out on. I’d probably just enter rude words in all the “name” and “address” fields.

I’m sure this message has been received by thousands of people already. It’s trickier than the usual “verify your information” attempt, and I’m sure the success rate will be much higher, unfortunately.

As usual, though, there are lots of telltale signs that something isn’t quite right. When you get these messages, just take a moment to relax and think about it, and you’ll be fine.

But seriously folks, what is the deal with wiring money?

Looking back over the different types of fraud and scams I’ve been covering these past few months (and the ones I’m going to cover soon), I can’t help but notice that an inordinate amount of them involve wiring money.

Mystery Shopper Scams: the victim wires money to the thief.

Grandparent Telephone Scam: the victim wires money to the thief.

Craigslist Overpayment Scam: the victim wires money to the thief.

Job Interview Scam: the victim wires money to the thief.

Lottery Scam: the victim wires money to the thief.

So this has me thinking…what is the deal with wiring money? There just seems to be an aroma of seediness around the whole industry.

I’m not trying to throw Western Union under the bus here. I know the vast majority of people are using it and similar services for legitimate reasons, but still. Why is it so easy to commit crimes using money-wiring services, and could providers do anything to make it less so?

In all honesty, probably not. The crook is the one committing a crime. The victim is just wiring money, which you can pretty much do at will. It’s not a crime to fall for a scam. Limiting users’ ability to wire funds would just create extra hassle for customers and drive down business.

So that means it’s on you to not become a victim in the first place. Be knowledgeable about different types of scams. Most of all, just think before you act.

For example, I can’t think of a single legitimate case in which someone would mail you a cashier’s check and ask you to cash it, then wire money back to them. If someone is telling you to do this, it is a scam. 100% of the time. Just take that as a general rule, and you’ll reduce your chances of becoming a victim.