Wednesday, May 23, 2012

Phishing, Herring, and You. (Part One)


Sometimes when I get to the point  where I can't think of what to write about, subject matters falls right into my lap. So here we go: Received a most interesting email last night:


Title of email: Today is May 23, 2012 2:58:12 AM, Dear (my first and last name were inserted here)


Patrick Brown (from a Gmail address) 


Good day (my first and last name were inserted here),
Congratulations! Based on your resume on beyond.com we We are delighted to offer you the following proposition..


The opening we are proposing is that of a FF Coordinator at a wage of $2300 per month based on a trial period. Your working timetable will be Monday thru Friday for 2-3 hours a day.
Probationary period - 30 working days from the day you apply.
Employee Benefits Include:
- Dental Care
- Health care
- Vacation - 4 weeks per annum
- And others


All benefits take effect only after trial period.
We would hope to start working with you as soon as possible. Please report to Patrick Brown as soon as you receive this offer, for documentation and orientation.
Please fill out and send us the form below with your Contact information to verify your identity and interest in this position.
---------------------F O R M _________F O R M------------------
Full Name: ____________________
Address: ____________________
Phone: ________________________
Preferred call time: _______________
---------------------F O R M _________F O R M------------------
Look forward to working with you.
Thanks,
Patrick Brown
Recruitment Manager


What’s wrong with this picture? Several things:

  • I don't recall signing up with anything called beyond.com. Went to the site, and sure enough, I had a sign-on and password (probably checked it out years ago), however, my profile was never filled out. My resume was never posted there, yet Mr. Brown claims he’s seen mine!
  • Mr. Brown fails to identify the company where he is employed. A quick search didn't reveal any hint at who he may be working for.
  • Mr. Brown never reviewed his communication to me prior to sending. I’m specifically referring to his “we We” typo in the message.
  • What’s an “FF Coordinator” anyway? Would I be in charge of sending out well-deserved Follow Friday tweets to Twitter followers perhaps?
  • And dig this: They’ll even pay me to take four weeks off when the job is only 2 to 3 hours per week? And all those benefits besides. Folks, you know the old saying “If it’s too good to be true, it probably is”. 

And all I have to do is fill out a simple form? That’s it? Now, I’m not a security expert, so I don’t know exactly what they are phishing for here. 


After all, Mr. Brown is only asking for my address and phone number which is something they could find on their own if they poked around a bit. Regardless, the offer reeks of rotten herring.


Now, being me with a curious nature and a need to research and find answers, I responded. And, there’s more to the story beyond my answer email. But since this post is getting lengthy, I’ll save that for part two. 


I’ll leave you with a song about creatures that swim:




Stop by, say Hi! Twitter, Facebook, Google+




2 comments:

Anonymous said...

My spam du jour was from the FBI no less! They say I'm the beneficiary of $10.5 million.

Tim Armstrong said...

Can Not wait to read part two! Yes, lot's of red flags here.