![]() I'm not talking about some flunky from his office-the real Attorney General. It reminds me of the incident about six months ago where the Attorney General of Colorado arranged to make a personal appearance at a senior center to show attendees how to protect themselves from the types of consumer and investor fraud perpetrated specifically on senior citizens. The 90-percentile group doesn't want to hear about it. The remaining have read it because they were victimized by phishing or some other kind of fraud. (Unfortunately, it's the site of a Swiss web design firm-one that apparently knows about graphics, but not security.)įrom comments I see all around the Internet, I would guess that a high 90-percentile of PayPal (and eBay) users have never read the spoof information that financial sites provide for their customers. The only clickable link in the message (the "Get Verified" link) takes the recipient to a PayPal login lookalike page that has been installed on a hijacked web site in Switzerland. All that the recipient would focus on are the bits in red, claiming that unless updated information is provided, the account will be deleted in 72 hours. ![]() But even if they were links to the real PayPal spoof tutorial, I don't think it would matter. Unfortunately, the items that should be links, like the "New spoof tutorial" heading, are not. I could see many a recipient thinking, "A crook wouldn't put so much in a message about detecting crooks." And they'd be dead wrong. No, what makes this message so insidious is that it will probably convince a recipient that it's legit because it talks so much about how to spot spoofs, how to protect your account, and so on. I won't even get into the goofy bit about the message supposedly being dated February 2006 and talking about the "upcoming year 2006" and the message being sent on 30 June 2006-it's just too easy a target. Bravo!)īut something caught my eye as I scoured a PayPal phishing message today that caused me to look more closely at the content of the message. (I have to say that Yahoo! domain registration and hosting folks have really stepped up their response lately. I periodically through the day check whether the reported pages have been taken down to help me know which ISPs respond quickly and which don't. I simply look through a message's source code for the destination URL, verify it's still active, trace the source of the domain/hosting outfit/IP block owner, report it, and delete the message. The total clicks per campaign remained virtually the same.Ī responsible emailer-holy cow! Posted on Jat 11:21 AMĪt times I get so many phishing messages that I don't bother reading their contents.The clickthrough rate nearly quadrupled.The average open rate more than doubled.While the resulting list count dropped to an alarmingly low 4,510 addresses, some magical things happened as a result: ![]() Now comes word that the Leukemia and Lymphoma Society actually went through a complete requalification of its 33,636 newsletter email addresses to help reduce the headache of getting so many spam reports and undelivered messages. Would that weaken his reach or offering? My own sense is that, due to increased personal, technological, and legal sensitivity to spam, he would be better off with a smaller, confirmed opt-in list. ![]() Here's what I say in the book when he explored trading lists with another consultant: My friend fears that if he attempts to requalify his list by asking everyone to go through a modern confirmed opt-in process that he’d lose a large percentage of names. Most of these addresses weren't gathered through any opt-in mechanism, but from a variety of sources, including the business-card-left-in-a-fishbowl technique at trade shows. In Spam Wars, I mention a high-powered friend of mine in the consulting business who has gathered over 100,000 email address during his years of schmoozing (and believe me, this guy is a First Class Schmoozer).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |