On Thu, 25 Sep 2003, Rob Rogers wrote: > > Name > CC# > CCV (that 3 digit number at the end of the signature panel) > Pin # > Mother's maiden name. > MSN Acct name > MSN password > Social security # >
My wife and I got some phone calls like this a few months ago. When they'd call, they'd say that they were from wells fargo (we don't have wells fargo, but 50% of californians probably do) and they'd say there was a problem with my account, and they needed to verify some information. They'd ask for my mother's maiden name, last four digits of SSN, etc. They'd say _are you still living at 123 front st._ hoping you'd say, _no, i live at XXX whatever street_. It was all very strategic and well done. Any stupid, optimistic, or gullible, person would just start spouting out personal info. My wife and I talked about how tragic it would be if an elderly person answered, or a mentally disabled person, or anybody else who otherwise might be a bit easier to take advantage of. They were very good at the scam. The lady (it seemed like the same lady everytime) even left a phone number. When you called the number, it would be her on an answering machine telling you to _go ahead and leave your name and social security number_ at the tone. We reported this all to the police and never heard back from them (what do you expect?). Us security minded folk are probably not very sucepible to this type of scam (if you use SSH or GPG, you're probably smart/paranoid enough to be safe), but think how many people online are. Sometimes I want to say _screw 'em if they aren't smart enough to not get scammed_ but then I think of my dad who calls me to complain about the button on his webpage that says _speed up you internet connection by clicking here_ not working, and I guess I have to be a little more forgiving of the technically challenged (not to say that tech-saavy folks are always security-saavy, but whatever). For what it's worth, from an HTTP/URI and JavaScript point of view, this scam is clever, especially when it redirects the parent window back to the REAL citibank site (that is just an excellent touch). Dave M. _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech