Summary: People continue to fall for what more experienced users would say are laughably bogus phishing attempts. I'll analyze why one common attempt is so bad.
I keep getting this email from Hotmail - is it legit?
Subject: Account Alert From: WINDOW TEAM (*****@hotmail.com) To: *****@hotmail.com Dear Account Users CONFIRM YOUR WINDOWS LIVE ACCOUNT SERVICES. VERIFY YOUR HOTMAIL ACCOUNT NOW TO AVOID IT CLOSED !!! ...
•
This is an old, old scam. Delete it. Ignore it. Do not follow its instructions or your account will be hacked or your identity stolen.
Clear enough?
Apparently not, since I keep getting asked about this scam over and over and over again.
And it's not even that good a scam.
Let me walk through the many ways it's so obviously bogus.
•
By far the single most obvious and telltale sign that this is a bogus scam?
The English is horrible!
The entire message is littered with grammatical errors and other problems. Sure, official emails often have occasional mistakes; it happens. But an official communication from a huge U.S. based corporation is not going to be anywhere near this atrocious.
Let's look at some grammatical specifics and some of the many other tell-take signs in the part of the email we've seen so far:
-
WINDOW TEAM: There is no "Window Team". The product would be "WindowS", with an S. And email about what is now called Windows Live Hotmail would not come from the Windows Team, but from the Windows Live team - they are distinct teams.
-
*****@hotmail.com: the "From:" address, which I've obfuscated here, was obviously an email address of a random person, not a Microsoft employee. How do I know this? The email address was the classic name-digit-digit form that people use when they can't get just "name" as their email address. You think Microsoft employees need to do this? They use either official email addresses like "support" or "customerservice", not individuals, and - ironically - they don't usually use hotmail accounts to do it. Microsoft employees are typically @microsoft.com.
-
VERIFY YOUR HOTMAIL ACCOUNT NOW TO AVOID IT CLOSED !!! ALL CAPS. Official emails do not use ALL CAPS this much. It represents shouting, and is considered very rude. An official business email would never use all caps to this degree.
-
VERIFY YOUR HOTMAIL ACCOUNT NOW TO AVOID IT CLOSED !!! Horrible English: to avoid it being closed.
Some more tidbits from the rest of the message:
This Email is from Hotmail, Msn and Live Customer Care and we are sending it to every Email User Accounts Owner for safety. we are having congestions due to the anonymous registration of accountso we are shutting down some accounts and your account was among those to be deleted. We are sending this email to you so that you can verify and let us know if you still want to use this account. If you are still interested please confirm your account by filling the space below.Your User name, password, date of birth and your country information would be needed to verify your account.
I just can't list the many, many grammatical errors in that paragraph. It was clearly written by someone who does not speak English.
" Hotmail, Msn and Live Customer Care" - uh, no. "Hotmail", maybe. "MSN Hotmail" if this was two years old. "Windows Live", not "Live". In fact, the product name is "Windows Live Hotmail", and any official email from Microsoft can be reasonably expected to get their own product name correct.
Due to the congestion in all Hotmail ,Msn and Live users and removal of all unused Accounts, we would be shutting down all unused Accounts, You will have to confirm your E-mail by filling out your Login Information below after clicking the reply button, or your account will be suspended within 24 hours for security reasons.
Windows Live Hotmail already has a policy and procedure for pruning unused accounts. All you need to do is login periodically, nothing more, nothing less.
* Username: .............................. * Password: ................................ * Date of Birth: ............................ * Country Or Territory: ................
No one will ever ask you to email in your password. No one. Not ever. Never.
Next to the horrible English, this is, by far, the most glaring example that this is a scam. You're being asked to email your account login ID and password to a random email address. Don't do it. You will lose your account if you do.
After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconveniences. Warning!!! Account owner that refuses to update his/her account after two weeks of receiving this warning will lose his or her account permanently. Sincerely, The Windows Live Team Microsoft Corporation One Microsoft Way Redmond, WA 98052
Besides the continued bad English and bizarre spacing that's present throughout the message, this is just bogus fluff to make it look legitimate. I'm surprised that they finally got the product team name correct, but the fact that the product name changes throughout the message is another sign that whomever wrote this didn't really know what they were doing.
This is a classic "phishing" scam. It's point is to fool you into divulging your account information to someone, who can then steal your account and cause you a lot of grief.
And as bad as this one is - and trust me, particularly if you don't speak English natively, this one is really, really bad - people fall for it. Every day.
Don't be one of them.
Related:
-
Phishing? What's Phishing? Phishing is a way that internet scammers trick you into providing your personal and financial details. Phishing opens the door to identity theft, and more.
-
If phishers had a clue... Most spam and phishing attempts are laughably bogus. What if they weren't?
-
Internet Safety: How do I keep my computer safe on the internet? Internet Safety is difficult and yet critical. Here are the seven key steps to internet safety - steps to keep your computer safe on the internet.
Article C3863 - September 6, 2009
How many "phisherman" do you suppose are reading and correcting their "phishing" style using your examples?
09-Sep-2009
Posted by: Pat Van Dusseldorp at September 8, 2009 10:08 AM
"...whomever wrote this didn't really know what they were doing"? Try "whoever". "Whomever" is accusative case (the object of the clause), whereas in this case the usage is nominative case (the subject of the clause) and "whoever" is appropriate. But at least it is not as bad as the common mis-usage where "whoever" (also "who") is used as BOTH subject and object!
You only have to read forums (not this one :-) to see that the general standard of English usage is appalling. So many recipients of this type of spam probably would not appreciate the grammatical points you make in this article. And for many recipients, English would not be their first language, and they might think that the spam is actually good English!
Posted by: Lynn Hancock at September 8, 2009 3:54 PM"whomever wrote this"???
just goes to prove that grammar mistakes are not always proof of a scam
09-Sep-2009
Posted by: Norbert Gruberger at September 8, 2009 4:03 PM
One other reaction I get from my supportees when they get an email or pop-up ad like this is "OMG I have a virus I can't use ma computer anymore until it's cleaned up*
As for Leo's grammar. Cut him some slack. So what if he's got a terminal grammar condition. He's a techie not a grammar geek.
Posted by: Mark at September 8, 2009 5:03 PMIf you just want to dis Leo's use of English, maybe you've just been phished. :-) (Sure, official emails often have occasional mistakes; it happens.) Picky, picky, picky!
Posted by: sirpaul1 at September 8, 2009 11:36 PMthis one comment gave me a good laugh;
How many "phisherman" do you suppose are reading and correcting their "phishing" style using your examples?
Based on history, I'd say ZERO. I'm certainly not the first to have explained it in such detail and it's still coming on strong.
Leo09-Sep-2009
Posted by: Pat Van Dusseldorp at September 8, 2009 10:08 AM
I'd have to agree with Leo here, because most of the scams that are sent out by "phishermen" are usually a cut / copy & paste job, into the new scam email, and just slightly modified to fit the new scam, be it your hotmail, or gmail, yahoo mail, etc. accounts
Posted by: XP Guest Account Acting Like Win2K Guest Account at September 9, 2009 10:21 PMor the:
"pleas send me your bank account info so I can depost $1m US into;"
scams
Microsoft is not immune to grammatical idiocy either. The one we all see all the time, and that grates on me every time I see it,is on the Control Panel Add/Remove Programs application; i.e., "Please wait while the list is being populated." It's either "Please wait -- the list is being populated" or "Please wait while the list is populated." Also, "populated" is kind of a weird term to apply to something that's not a physical place being occupied by a certain number of animals or something at least organic.
Posted by: Drew at September 11, 2009 4:48 PMYes , a lesson in English grammar as well as scamming this week.
Even so, would Americans do much better trying to scam Africans,Russians or Chinese..?
Posted by: johnpro at September 12, 2009 5:31 AMI get these often, but there are times i'd like to answer these 'nut's by entering all false information. That would give them something else to do.. but I don't do it..
Posted by: fran at September 12, 2009 10:21 AMthanks anyway
fran
I cannot believe that anyone, even a new computer user (luser) could be so naive that they would even begin to think that this is a legit email. Just goes to show.
Posted by: Alex at September 14, 2009 9:31 AMHow does grammar come into this? Grammar is a false construct, attempting to rigidly control that which is by nature fluid and changeable. All languages change with use, and their grammar changes also.