Phishing Season Is Over!

“According to a recent email, the IRS is sending me an extra refund that I was not even aware that I was entitled to!” Yup, I actually received one of these clever “phishing” schemes here recently and boy, I was none too happy.

Why was I so upset about this? Because of how brilliantly put together the scam was. First off, the refund amount is totally believable – $63.80. And the site appears to be the real deal, right? So how do I know this is a scam? I did a little whois research and then dug further based on this and the IP addresses being used. What did I find? A company named Servertemple, which is clearly listed with GoDaddy.
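The triage described above (pull the links out of the message, look at what hosts they really point to, then check the hosting IPs against what whois research already turned up) can be scripted. The following is an added example, not code from the post's author: the email body, the `FAKE_DNS` table standing in for a resolver, and the `FLAGGED_NETBLOCKS` labels standing in for whois/ASN findings are all constructed for illustration, and the registrable-domain check is a deliberately crude approximation.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample email body (not a real message).
SAMPLE_EMAIL_HTML = """
<p>Dear taxpayer, you are eligible for a refund of $63.80.</p>
<p><a href="http://198.51.100.23/irs/refund.php">https://www.irs.gov/refund</a></p>
<p><a href="http://irs-refund-status.example.net/claim">Check your refund status</a></p>
<p>Official site: <a href="https://www.irs.gov/">https://www.irs.gov/</a></p>
"""

# Constructed stand-in for DNS (host -> IPv4) so the example runs offline.
FAKE_DNS = {
    "www.irs.gov": "192.0.2.10",
    "irs-refund-status.example.net": "203.0.113.77",
}

# Constructed stand-in for whois/ASN research: netblock -> label (documentation ranges).
FLAGGED_NETBLOCKS = {
    "198.51.100.0/24": "constructed hosting range seen in earlier phishing",
    "203.0.113.0/24": "constructed range with prior abuse reports",
}

# Brands the reader expects mail about, and the domains those brands really use.
BRAND_DOMAINS = {"irs": {"irs.gov"}}


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Crude last-two-labels rule; a real tool would consult the Public Suffix List."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def netblock_label(ip):
    """Return the label of the flagged netblock containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    for cidr, label in FLAGGED_NETBLOCKS.items():
        if addr in ipaddress.ip_network(cidr):
            return label
    return None


def analyze_link(href, display):
    """Return the reasons a link looks like phishing; an empty list means it looks clean."""
    reasons = []
    parsed = urlparse(href)
    host = parsed.hostname or ""
    # 1. The visible text is itself a URL but names a different host than the href.
    if display.startswith(("http://", "https://")):
        shown_host = urlparse(display).hostname or ""
        if shown_host and shown_host.lower() != host.lower():
            reasons.append("display_host_mismatch")
    # 2. A raw IP address where a hostname would be expected.
    if is_ip_literal(host):
        reasons.append("ip_literal_host")
    # 3. A brand name in the URL while the registrable domain is not the brand's own.
    url_text = (host + parsed.path).lower()
    for brand, real_domains in BRAND_DOMAINS.items():
        if brand in url_text and registrable_domain(host) not in real_domains:
            reasons.append(f"brand_lookalike:{brand}")
    # 4. The hosting IP sits in a netblock already flagged by whois/ASN research.
    ip = host if is_ip_literal(host) else FAKE_DNS.get(host)
    label = netblock_label(ip) if ip else None
    if label:
        reasons.append(f"flagged_netblock:{label}")
    return reasons


def triage_email(html):
    """Map each suspicious link in the body to its reasons; clean links are omitted."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = {}
    for href, text in parser.links:
        reasons = analyze_link(href, text)
        if reasons:
            findings[href] = reasons
    return findings


if __name__ == "__main__":
    for href, reasons in triage_email(SAMPLE_EMAIL_HTML).items():
        print(href, "->", ", ".join(reasons))
```

Run against the constructed body, the raw-IP link trips all four checks, the lookalike domain trips two, and the genuine irs.gov link is reported clean. Swapping `FAKE_DNS` for a real resolver and `FLAGGED_NETBLOCKS` for the ranges your own whois digging has identified turns this into a reusable first-pass filter.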

So this leads me to a couple of conclusions: The first is that this “phisherman” is amazingly stupid and is trying to attract the FBI. And the second possibility is that this crook is a lot craftier than I had thought and has hijacked this person’s server instead. I am leaning toward the first assumption, as the main page appears to be blank and serving no legit purpose. Then again, upon doing a little more research, the real host and source of the problem became clear.

You know, we here in the US may be guilty of kicking down our fair share of spammers, but if I had a dollar for every email that I have gotten from Ukraine this month claiming to be eBay or a bank, I would no longer have to work. As much as I hate blacklisting any one region, Ukraine has really been itching for it lately. I really don’t care what the excuse is for the nonstop phishing scams coming from specific parts of the world; I am growing more and more tired of cleaning up their messes.

What do you think? Should we make the total lack of law enforcement or funds to enforce international common sense a problem solved by blacklisting IPs from countries that have done NOTHING to stop this behavior? I am screaming toward this myself, as I just got three more emails from “eBay” a minute ago, this time from a region in Africa. Oh, the fun of lawlessness.

Oh, and if you are interested, here is the real culprit’s whois info:

