So many phish, so little time…

If you don't have your own spam, here are two little phish that turned up in my corporate mail in one day.

From: Mr. Fredrick Andrew. [fredrick_andrew005@walla.com]

Subject: PLEASE YOUR REPLY IS NEEDED URGENTLY

My name is Mr. Fredrick Andrew. I trained and work as an external auditor for the Development Bank of Singapore (DBS). I have taken pains to find your contact through personal endeavours because a late investor, who bears the same last name with you, has left monies totaling a little over $10 million United States Dollars with Our Bank for the past twelve years and no next of kin has come forward all these years.

Isn't that a co-incidence? One of my really lucky breaks!

[Blah. Blah. Blah… – Kim]

Needless to say, Uttermost CONFIDENTIALITY is of vital importance if we are to successfully reap the immense benefits of this transaction. I have intentionally left out the finer details for now until I hear from you. To affirm your willingness and cooperation to my proposal please do so by email, stating your full names, date of birth, telephone number and fax number. I do expect your prompt response. pls do contact me in my email address:

[fredrick_andrw@yahoo.com.sg ]

Waiting to hear from you soon.

Thank you.

Mr. Fredrick Andrew

There is the small problem that when I ping walla.com my IP-location service tells me its in Isreal. Do you think the discrepancy with Singapore matters?

Anyway, if one day I just stop blogging, you'll know this has come through for me!

In the meantime, here's the other one – a lot more sophisticated:

eBay Safeharbor Department Notice

Fraud Alert ID : 00626654

Dear eBay member,

You have received this email because you or someone else had used your identity to make false purchases on eBay. For security reasons, we are required to open an investigation on this matter. We treat online fraud seriously and all cases which cannot be resolved between eBay and the other involved party are forwarded for further investigations to the proper authorities. To speed up this process, you are required to verify your personal information against the eBay account registration data we have on file by following the link below.


Please save this fraud alert id for your reference.

When submitting sensitive information via the website, your information is protected both online and off-line. When our registration/order form asks users to enter sensitive information (such as credit card number and/or social security number), that information is encrypted and is protected with the best encryption software in the industry – SSL.

Please Note – If your account informations are not updated within the next 72 hours, we will assume this account is fraudulent and it will be suspended. We apologize for this inconvenience, but the purpose of this verification is to ensure that your eBay account has not been fraudulently used and to combat fraud.

We apreciate your support and understanding, as we work together to keep eBay a safe place to trade.

Thank you for your patience in this matter.

Regards, Safeharbor Department (Trust and Safety Department)
eBay Inc.

Please do not reply to this e-mail as this is only a notification mail sent to this address and can not be replied to.

Copyright 2005 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
eBay and the eBay logo are trademarks of eBay Inc. which is located on Hamilton Avenue, San

If you look at the source for this one (I've defused it slightly), you'll see it's hard coded to 203.215.162.99, which geobytes.com couldn't find, but melissadata.com placed in Pakistan, the ISP being the Pakistan Software Export Board. I really like the way the Copyright makes everything look official. Note that despite the sophistication of the attack, the text still contains errors in grammar to alert us.

[tags: , , , ]

Published by

Kim Cameron

Work on identity.