Needed: spellar and gramming lessons for phishermen
-
Fuck's sake.
I honestly cannot understand why people fall for low-rent shit like this. I mean, I'm assuming that somebody does, or it wouldn't get sent... would it?
-
I'm assuming that somebody does, or it wouldn't get sent... would it?
The cost of sending is just barely above 0 (the cost to set up split among each of the millions sent), so even if a hit is really rare it still will pay for itself pretty easily.
-
I mean, I'm assuming that somebody does, or it wouldn't get sent... would it?
I've always assumed the same. Maybe someone who's English is the same quality might?
-
Aiming for someone accidentally clicking on it maybe (though based on the number of "watchout someone infected themselves again" emails I get from IT at work many of my coworkers click everything always)?
-
I honestly cannot understand why people fall for low-rent shit like this.
I'm not sure about the virus senders, but for 419 scams I've read somewhere that it's a deliberate tactic. First, you only want to deal with gullible people who won't smell bullshit once you ask for money, and second, some of the spammers are apparently obfuscating stupidity, aiming for the "ha, ha, I'm so much smarter than that dumb Nigerian, I can totally con him out of his money!" reaction.
-
-
-
I'm not sure about the virus senders, but for 419 scams I've read somewhere that it's a deliberate tactic.
That must be true:
https://youtu.be/_Jih7Dts58c?t=744
-
I'm not sure about the virus senders, but for 419 scams I've read somewhere that it's a deliberate tactic.
It comes from a Microsoft research paper
-
I'm not sure about the virus senders, but for 419 scams I've read somewhere that it's a deliberate tactic. First, you only want to deal with gullible people who won't smell bullshit once you ask for money
All that a phishing email is after is people gullible enough to click through the bogus link to the bogus login page and enter their real username and password. So if there is a genuine considered motivation behind the execrable English in so many of these things, it must serve only to limit the number of people who actually get as far as clicking the link.
The only good reason I can think of for deliberately biasing your link-clicking population toward the careless and unobservant is that these are the same people unlikely to notice that the page asking for their password is not their webmail provider's real login page. The only way that would be advantageous is if serving that page costs the scammer enough money to make it worthwhile maximizing the proportion of hits that result in collection of genuine passwords.
I will often click through one of these links, using NoScript in a private browsing window so as not to end up with cooties, and attempt to log on as
try@harder.cunt
with a password ofdumbfuck
(I have a KeePass entry just for this). Costs mere seconds and cheers me up for minutes. But having now thought this through, I'm motivated to set up a bot that reads a list of phishing landing pages and just hammers them with repeated refresh fetches until they 404.
-
a bot
I think you got your pluralization wrong.
We have Amazon AWS for a reason guys...
-
-
What's the going rate for processing power in a zombie botnet these days? How cost-effective are they compared to something like EC2 spot instances?
-
What's the going rate for processing power in a zombie botnet these days?
that depends, are you running one, or just buying time on one?
How cost-effective are they compared to something like EC2 spot instances?
if you're running one, surprisingly cost effective, until you get caught by the authorities.if you're buying time on one, about even, unless you get caught by the authorities.