I’m embarrassed to say I haven’t blogged for about four months. I’d like to claim I have a good excuse, like I was writing wildly successful emails for the Obama campaign or fomenting revolution somewhere in South America (does anyone ever foment anything but revolution?). Sadly, those would be lies. I was just lazy.
But that’s all changing now that Anna has threatened to dissolve our partnership unless I start contributing. For the rebirth of my blogging career, I’ll take a look at some spam that landed in my inbox last week.
The way I see it, if you’re going to do evil, you’ve got to do evil right. That means being not only immoral but also professional.
So I was disappointed to note the quality of the aforementioned spam. Let’s take a line-by-line look …
From: PayPal <firstname.lastname@example.org>
> Oh, right, my UK-based PayPal account.
> Well, at least they got that right.
Subject: Please update your PayPal account informations
> Say hello to “informations,” the little used plural form of “information.”
> A serviceable, if uninspired, salutation.
Please update your records . A failure to update your recoreds may result
> Um … can’t these guys afford a decent proofreader?
On a suspension of your account . To update your PayPal recods :
> Wow, an unfortunate line break and misplaced capitalization. And again with the proofing …
> A flawless line!
1. Click the link below to open a secure browser window.
> Two in a row!
2. Confirm that you’re the owner of the account, and then follow the instructions.
> Very good, they used “you’re” rather than “your.”
Click here to update your PayPal informations
> Sigh, there are so many informations to update!
This new security statement will helps us continue to offer PayPal as a secure and cost-effective payment service.We appreciate your cooperation and assistance.
> I’ll do whatever it takes to helps you do that.
Sincerely, The PayPal Team
> A world-class closing!
Please don’t reply to this email. It’ll just confuse the computer that sent it and you won’t get a response.
> Now that’s the kind of clever I expect out of someone trying to rip off the hopelessly naïve. Nicely done.
The lesson here: If you want to succeed as an evil phishing guy, you have to pay attention to the details. Better luck next time, whoever you are!