Archive for July, 2008

July 21, 2008

Phishing for Photographers

Any photographer would get excited by the chance to buy a camera for a tenth of its regular price. Well, when you see such a deal on eBay, this is most probably a phishing scam. (If you don’t know, phishing is a criminal activity with the aim of obtaining people’s financial information, social security numbers, credit card info, passwords.) Hacker mobs find ways to hijack legitimate sellers’ account, especially if such accounts have been dormant for some time, and post their own ads with lucrative offers. They even provide a contact address that is fake or randomly selected. How to avoid being scammed? The old rule applies – if it’s too good to be true, it most probably is.

Such scams have been known for a while. Now, just yesterday we received a phishing sample that is quite new to us but it does remind so-called “Nigerian letters” that say you have won an international lottery or asks you to help release a large sum of money inherited by someone and a percentage in return. This is an ancient form of phishing that pre-dates the Internet.

Scams like this target everyone. But there seem to be customized versions of such scams targeting particular groups of people. There are postings on business forums where multiple victims complain they have paid thousands of dollars for submitting an application to receive financing from VC firms.

The letter that we received targets photographers. Being a photography post production company, we were not familiar with this new scam genre and forwarded the email to one of our old clients, who replied that she has been receiving such emails for a while. We decided to post the entire letter so that you would recognize a phishing “inquiry” if you get one. There are at least six distinctive markings of a scam here: it’s too good to be true, it’s too wordy and has too much personal detail aimed at establishing credibility, “I am looking for the BEST” – an old-time classic to flatter you, name-dropping by specifying a modeling agency that exists, a hazy excuse “I could have making this a phone order but”, plenty of errors. See for yourself:

My name is Laura Baldwin a model with UK Model Management Company But Presently am in Essex,North London on a modeling contract which i hope to be back home soon to join my fiance which lives in LA.My Husband’s name’s Bruce and I are planning to have our wedding on Sept. 27th,2008 @
Millennium Biltmore Hotel 506 South Grand Avenue LA,I am looking for the best Photographer who will come and photo shot on the D-day and when i came across your advert i was impressed.

Let me know your price charges for your required services if you are to give me the below packages on that day with full coverage of both the church and reception and of both the bride and the bridegroom,their parents,the officiating ministers and our guests:

1 CD with all your edited photos, High Resolution (100-400 Images)
1 16X20
1 DVD Slide show, 50 photos
1 12X18 Leather or Suede Coffee Table Album (24 sides)
2 5X7 Leather or Suede Coffee Table Albums (24 sides)


We will want you to work for at least 6 Hours at both occasion and if you are out of party venue,we will pay the transportation charges to and from the party venue .Also,we will have the videos at the wedding forwarded to the Publisher of a celebrity magazine here in Essex,UK so they could feature it in their celebrity weekly Mag.

I could have making this a phone order but there is a little problem with the network of the state so bear with me in a couple of days.

Expected guest count: ~105.
Ceremony start time: ~10:00am, And you could probably leave after cocktail hour, which would probably end around 4:00pm .

Thanks and hope to hear from you soon.

B.Rgds.

Laura Baldwin.

What to do if you receive such a letter? Ignore and delete. Or, if you are not lazy, report it to the US federal cybercrime site at http://www.usdoj.gov/criminal/cybercrime/ or to the Anti-Phishing Working Group – http://www.antiphishing.org.

Bookmark and Share

Advertisements