Gullible Email Users Get a Free Warning Most Sophisticated Email Scam Fails Due to Coding Error

Gullible Email Users Get a Free Warning Most Sophisticated Email Scam Fails Due to Coding Error

E-mail users recently received what might have been the most sophisticated email scam seen to date, if only the scammer hadn't been too busy being clever to double-check the Hyper-Text Markup Language, (HTML) code in his message. Instead, they received a free warning against e-mail scams.

The scam campaign started out a little after 10 AM, Pacific time on July 14, 2005, with a preparatory message. It had an official-looking Yahoo! e-mail message design, and told the prospective victim that his e-mail service provider has just registered as a Yahoo! Lottery Affiliate, and that "the next winner could be you!" According to Sam Thorne of GotSpamIt.com, "there was nothing terribly obvious about this message to indicate it wasn't legitimate, except that it didn't actually name my service provider, and it only came to one of the email accounts that I have with them. The follow-up message, about three days later, congratulated me for winning $300 in the Yahoo! Lottery."

The follow-up message, sent shortly before 5:30 AM on July 17, also looked official. The prize amount was small enough to be believable, yet large enough that, according to Thorne, "you'd feel stupid not to take it". The linked text looked like something one might have to click to retrieve such a prize, and it contained enough "alphanumeric salad" that it actually resembled the linked web address, or URL, at first glance.

Even the "From" email address of each message looked reasonably official. "Where it all falls down is when the scammer got sloppy while pasting in the URL for his spoofed link", according to Thorne. Pointing to a line in the follow-up message stating that, "Your money will be paid directly to your e-gold, PayPal, StormPay or MoneyBookers account", he adds, "undoubtedly the scammer intended for us to reach a web site that included official-looking pages of Yahoo!, e-gold, PayPal, StormPay, and MoneyBookers, that would collect our login info for those accounts. The scammer's web host has removed that site, thus alerting the scammer that the gig is up. Otherwise, I wouldn't want to publicize the fact. He could have gone on sending out defective links until he got caught, and fooled no one."

This mistake may have given some gullible e-mail users a free warning and a second chance. However, Thorne suspects sadly that many of them may be so gullible that they still expect Yahoo! to give them prizes.

If it weren't for that, perhaps Yahoo! would be grateful for all the advertising the scammer did for them. Thorne says, "even though I have a Yahoo! email account, I never knew they had a lottery. Yes, I checked, and yes, they do."

Copies of the messages Thorne received are online in the GotSpamIt.com Spam Warehouse, or:
http://forums.delphiforums.com/spamwarehouse/messages?msg=585.1 .

Sam Thorne
e-mail protected from spam bots
P.O. Box 133
Fields Landing, CA 95537

GotSpamIt.com is a message board community hosted by Delphi Forums, founded in September 2002, in which e-mail users share information and entertainment about e-mail spam and scam messages. Sam Thorne is the owner of GotSpamIt.com