PDA

View Full Version : Geoffs latest blog post - really well done scam site



Morgenmuffel
12-09-2010, 07:13 PM
I know most of us get those scam emails saying you have a refund etc from your bank, normally some american bank that your average kiwi has never heard off.

But the one in geoffs blog blows me away for being well thought out. i wonder how many people it will catch, I always check the senders address, but most non-techie people I know probably wouldn't, same goes for the URL of the site.

What do you reckon, we'll be seeing some poor women on close-up telling how she lost all the money she was going to send her Nigerian friend by going to the fake IRD site

roddy_boy
12-09-2010, 07:30 PM
Cheers for the link.

xyz823
12-09-2010, 07:49 PM
Cheers for the link.

Yea defiantly. Geoffs blog looks very well laid out.

Pato
12-09-2010, 08:22 PM
Where is the link.?

gary67
12-09-2010, 08:27 PM
I think they are being facetious

xyz823
12-09-2010, 08:38 PM
I think they are being facetious

fa·ce·tious/fəˈsēSHəs/
Adjective: Treating serious issues with deliberately inappropriate humor

Had to google that one!

gary67
12-09-2010, 08:41 PM
Your lucky I had to hope like hell the spell check knew how to spell it correctly since I don't

bob_doe_nz
12-09-2010, 08:44 PM
Cheers for the link.

http://blogs.pcworld.co.nz/pcworld/tux-love/2010/09/scam_scam_scam.html

All it took was 30 seconds.

roddy_boy
12-09-2010, 10:25 PM
Cheers for the link :D I actually had no idea what he was referencing.

The email itself screams scam, anyone who doesn't know this yet shouldn't be allowed on the internet. The website is pretty good though.

Orca
12-09-2010, 10:33 PM
If the site was "really well done" as he claims they would've bothered to register something like ird-refunds.co.nz or something not completely retarded. Secondly set up a few email accounts with the same domain so it looks half legit. Thirdly IRD don't actually send you emails unless it's through the secure online email system (which you need to enter your IRD details to get in). Fourthly who is stupid enough to think they need to enter their bank password in for a refund? For anyone to send you money they only need your account number. Finally they could've at least made their own SSL cert though that might flash a warning on the user's browser.

SoniKalien
12-09-2010, 10:46 PM
Geez, teach them how to do it properly why don't you? :p

Morgenmuffel
13-09-2010, 09:12 AM
Could have sworn I had posted the link, anyway the point was the sites "look right", an SSL certificate that gives a warning is more likely to alarm people than no certificate, most people on here have way more experience and computer nous than the average punter, so would be expected to spot all the issues, besides from experience of computer illiterate customers, I have had someone tell me they thought a domain had a virus because their address bar went yellow and the address changed to https rather than http when they went to purchase something.

ubergeek85
16-09-2010, 11:30 AM
Part two; http://blogs.pcworld.co.nz/pcworld/tux-love/2010/09/scam_scam_scam_part_ii.html