Friday, November 5, 2010

Sure my bank wants to install software

It is time for me once again for me to roll my eyes at the spam mail I get. This the email is supposely from a bank (the reason I know that this is a phishing campaign is that I do not have an account with this particular bank).

Dear Sir/Madam

Due to the recent Malware and Phishing attacks encountered by our customers, First National Bank has made it mandatory to all Customers to download the Rapport Software that will help fight against it.

I am sorry, but I would promptly quit using any bank that required me to download any software. The bank should be happy with whatever anti-virus software I am already using. And I have no idea what Rapport Software does (even when it is not part of a phishing campaign).

The email continues, noting that the bank records indicate that I have not downloaded the latest version of the software. Then we come to the social engineering part of the email.

It is your responsibility to protect your account by installing this new patch as a precautionary measure.

If you do not log on to download this software now, Firs national bank will not be liable for any theft that may occur on your account.

(Note that the last sentence is exactly how they wrote it; spelling and capitalization errors are all theirs.) It is the threat that your bank is not going to make good on any fraud unless you do as they say. Ironically, the bank will probably not make good on your losses if you are dumb enourgh to actually download the software.

And the reason that I am blogging about this email here instead of my writing blog is the fact that this particular bit of social engineering reminded me of the consequences that recent election ads threw at us.

If so-and-so is elected, then dogs and cats will live in sin and America as we know it will become China. It is your responsibility to vote. If you don't vote to keep this Democrat out of office, then the Republic Party will assume no responsibility for the mess that the nation is in.

Social engineering in action---you got to love phishing and political campaigns.

1 comment:

Naila Moon of the Grey Wolf said...

You actually should inform the real National Bank that this has been sent to you because they need to alert their real customers. They also need to be aware that e-mails are being sent out under their bank name.