Fun with phishing

(Illustration by Mohamed Hassan/Pixabay)

If I go to hell, it’s Josh Jones’ fault.

Jones co-founded Internet Web hosting provider DreamHost back in 1996. In 2006, his wife fell for an email phishing scam promising an “IRS tax refund” if she’d just reply back with a ridiculous amount of sensitive personal information, including her Social Security number and a credit card number. And she did it.

One has to wonder how even the most basically tech-savvy person could fall for phishing scams like that, but it happens every day and sometimes to the most unlikely of people. “Believe it or not, my wife is not stupid,” Jones said. “In fact, she has a PhD from Harvard!” (Harvard admissions would have probably preferred Jones not divulge that particular bit of information about his wife, but I digress.)

Jones discovered a Yahoo! Mail account was being used to perpetrate the scam and dutifully reported the message to Yahoo’s abuse department, which did about as much good as calling Orkin to tell them Mississippi has mosquitoes. Then he notified his bank and all the credit reporting agencies, etc.

It’s what Josh Jones did next, however, that was brilliant. He took the source code from the Web form being used by the scammer to collect victims’ personal information and started flooding the associated email inbox with fake information.

By deluging the criminal’s inbox with a mountain of fake information, Jones hoped it would make it difficult for them to separate out legitimate personal information belonging to real victims who fell for the scam — a unique twist on the concept of security through obscurity, albeit as damage control instead of a proactive defense.

His method was quite ingenious, even if dubiously legal (spamming spammers is still spam, and it’s still bad). He wrote about the incident at length on the DreamHost blog, and it makes for a very entertaining read.

Jones’ tale inspired me in new ways. While I’ve never gone to the lengths he did in order to strike back against spammers and phishing fraudsters, occasionally I do like to have a little fun with them. Today was one of those days.

Yesterday, I saw an ad posted on Craiglist under the heading “`Need load my truck moving boxes NEXT_MORNING load & Cleaning_60 boxes.” Here’s the full text of that ad:

://\/Need::load my truck moving boxes tonight load & Cleaning~[60 boxes]:::

Needed:::::::::this evening just to load 50 boxes a couple of bikes and 1 small bed.
Paid by cash at the end of the job.
I will pay a flat rate of $230 plus tip.
!!!::::::::Serious inquiries only::::::::!!!

The screwed-up language and punctuation were immediate red flags, but it’s not uncommon for people to need help moving and the ad could have just been posted by someone whose native language isn’t English.

This sounded like a potentially good way to pick up a little extra money during a slow week and it didn’t seem “too good to be true” by any stretch of the imagination, so I replied asking for more details.

Here’s the response I got via email (sent from “faith51ni@gmail.com”):

Good day, I only have the cleaning Position available for now and sorry for our late response. My name is Faith Wilson and My husband’s name is Wilson Jackson, We have a pretty 4 years Old daughter call Sarah and I’m also expecting baby we are in Toronto CANADA. We are all relocating to your city in United State on April 30th 2015, My husband will be coming there in your city in United State to work on contract basis work, Well we believe you can do the cleaning for us anyway.

You applied for our cleaning Job Ad from Craigslist We need you to be cleaning our apartment at least 3 times in a week. So the Bedrooms Size will be as follows: One of the bedrooms is approximately 11′ X 11′ and the other one is 12’x12′, but will not be a perfect square, so probably closer to 100 square feet; it comfortably fits a full size bed, desk, Armour and chest of drawers…. The apartment will be large with Dishwasher, Oven, Microwave.etc.–washer/Dryer — 1 full bath / 1 half bath –central air and heat. The apartment will occupies the entire floor of the building with direct access via the elevator, this is exactly an apartment we asked the Real estate Agent to get for us in your location the apartment would be in your city so that will make it easier for you to get to work on time We have not pay full payment to the realtor until early May and then I will give you the address then if you ready to be a part of our Wonderful family.

We will be needing your services for 2hours at any suitable time of yours throughout for at least 3 days in a week I hope two hours is enough in cleaning 3bedroom house with one master bedroom and two standard size rooms, with One Living room and a kitchen as well. I believe you are fit for this position in as much you will prove yourself to be a reliable and hard working person, Our arrival date would be (April 30th 2015) Like I said, You will help us to clean the apartment in the morning of our arrival date. My husband will tell the Estate Agent to mail the keys to the apartment to you as soon as it has ready may be you will be able to clean it before we arrive. Also I would like you to know that all Tools and materials needed for the job to make it perfectly okay will be provided by us, We will be spending about 3 years for the contract job or more we are not yet sure, so I will be needing your services for that time as well I’m satisfied with the services you rendered. We have a financier that is based in the states and he will be handling the payment and some other expenses, so he will be the one that will be taking care of your payment. My husband will instruct him to pay $400 advance payment before our arrival so as to secure your service, your weekly salary would be $400, actually we should have paid for more weeks but we will extend the payment if we are satisfy with your service after a week. So my husband financier would be needing the following Information to make out the check:

Full Name:
Full Physical Address NOT PO Box:
zip code:
home Phone #:
Cell Phone # :
Sex :
Current Occupation:
Email address:

Please if you know you really interested in this job kindly email with above information to secure this position because I have someone else email us regarding this job but I haven’t respond back to the woman need to hear from you first. If you send above details to mail the payment to you I will let the woman know the position is no more available.

Hope to hear from you sooner and kindly let me know if you have accepted our offer so that we can forward your info to the financier to issue out the check as soon as possible. Remember our Real Estate Agent still working on our apartment and she said she would get back to us with the key and address as soon as our apartment is ready and do not bother to reply this if you are not honest and ready to work.

Thanks and we would wait to hear from you.

Best Regards.
Mr and Mrs W. Jackson

Gee, nothing phishy about this, huh? Geez.

Since the message was sent by a Gmail user, I reported the phishing scam to Google so they could take action. Then, I decided to have a little fun by sending the following reply to their query:

John William Conway
700 Capitol Ave. Ste. 118
Frankfort, KY 40601-3449
(502) 696-5389

I sent the scammer the name and address of Kentucky Attorney General Jack Conway, along with the phone number for the Office of Attorney General’s Consumer Protection Division and the email address for the Cyber Crimes Unit.

I wonder if this crook will be dumb enough to send Kentucky’s attorney general a counterfeit check, which is often the way scams like this play out?

I sure hope so.

Billy Suratt

Billy Suratt is a Mid-South photojournalist and Kentucky writer. He enjoys long walks on beaches, short walks through parking lots and shooting football by candlelight. Follow him on Twitter, but please not through any parking lots.

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button
We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies as governed by our privacy policy.