I guess we have scams like these to make us wary and wiser.  Which is  
a good thing.  What's tough is that there still aren't good ways for  
people who aren't conversant in nslookup, looking at raw email source  
text, and deciphering email headers to verify authenticity.  It's no  
wonder that when CIT recently sent notices to people whose network  
registration was about to expire, I received an inquiry about whether  
it was a scam.  The notice itself described ways one could tell it  
was legit, while phishing scams go to great lengths to sound official  
without actually giving any useful verification information:

> If you are concerned that this message is a computer virus, worm,  
> or attempt at social engineering, you can confirm this message by  
> calling the Help Line at (802) 656-2604, or forwarding this message  
> to [log in to unmask] You can also check the legitimacy of the  
> certificate. Enter into the  
> Location bar of your web browser, and once the site comes up,  
> double-click the padlock icon in your browser window, typically in  
> the lower right-hand corner. From the dialog box that pops up, you  
> should be able to confirm that the site "" is owned  
> by "University of Vermont & State Agricultural College".

Clearly, those composing legitimate messages need to keep providing  
means to verify authenticity, along with education about what to  
trust and what to reject.  In the mean time, I'm thankful for the  
phishing hallmarks of poor grammar, awkward phrasing, and misspellings.

-Dean W.

Dean Williams
Assistant Director
Division of Computing & Information Technology
[log in to unmask] | 802-656-1174 | FAX 802-656-0872

     Check the status of UVM networks and servers
     any time at 656-1234.

On Mar 5, 2006, at 10:01 AM, Carley Tillinghast wrote:

> There have been some scam emails going around that look like they  
> come from paypal. Paypal has set up an email address for these  
> emails to be forwarded to so they can go after the people that are  
> sending these. You can forward the scam emails to [log in to unmask]
> You can read more about this on Paypals website with the following  
> link
> outside
> Carley Tillinghast
> IT Professional
> 6-0731
> Alison Pechenick wrote:
>> Mornin' all,
>> Has anyone else been receiving a series of support@PayPal e-mails  
>> recently, reporting account updates of new e-mail addresses, non- 
>> payment notices, and bogus account activity?
>> The "click here to view/update/refute your information" address  
>> dead-ends on nslookup.
>> Obviously, I'm watching my credit cards, but these look like yet  
>> another way to alarm someone into follow a malicious link.
>> Regards,
>> Alison