scam_300

They're at it again

| Scamps and scoundrels seem to be among the most creative people in the world. At the very least, they are astute psychological manipulators. Case in point: a brand new phishing email today purporting to be from Western Union.

This lastest hoax is bound to snare many who don't stop to think.

email
OMG, I sent someone $95.50!

The set up is this: You've sent someone $95.50 and it is waiting for them to pick it up. But just in case you've changed your mind, you do have one last chance to cancel the transfer. It looks pretty real:

Except you know perfectly well you didn't wire anyone $95.50. So what's the catch?

The catch depends on the fact that what you see as a link isn't necessarily the same as the actual link in the HTML code, "behind the scenes" as it were. Let's compare:

code

The actual address — the part between http:// and the first / — has a whole lot of stuff after the wumt.westernunion.com, and there's the rub. This link actually goes to .yhe3essy.com.pl, and it is the last dot something that matters. Dot PL (.pl) just happens to be the domain code for Poland. So some shady operator working out of Poland has set up a nice trap to fleece you — probably out of $95.50.

I have no idea what happens if you actually click the link. I do know that if you enter http://wumt.westernunion.com.yhe3essy.com.pl/ in your browser, Google Chrome, at least, gives a nice warning:

warning_624
The warning displayed by Google's Chrome browser

"There's a sucker born every day," as my mama used to say. And the phishers and scammers and hoaxers are out to prove it.

Last updated on Apr 13, 2018

Chronicles

Archives

Recent Articles