There seems to be a lot of interest today and yesterday in my post about the terrible phishing attempt e-mail I got a few weeks ago. I wonder if another round of identical e-mails just went out, so a lot of people are searching for it today?
While trying to find out, I came across this one described in The Washington Post. It’s not quite as bad as the one I posted about, but it’s definitely not very convincing. This one pretends to be from the Social Security Administration and warns you that:
Someone illegally is using your Social Security number and assuming your identity.
Excellent way to start off a phishing e-mail, by reminding people that someone having access to your social security number means they can do bad things. And then follow that up, of course, by asking them to give up their social security number.
Oh, but not just that. They also ask for your bank information, credit card number, expiration date and PIN. Because obviously those are all things that the Social Security Administration would obviously need. Why, if you’re a United States citizen without a credit card, and your social security number is compromised and you’re a victim of identity theft, they’ll just refuse to help. Makes sense.
Like the last phishing e-mail I wrote about, you have to wonder how many people would ever fall for something like this. You have to assume it’s like e-mail spam: it works on enough people for it to be worth doing. Sad.