Nice try

[Marco33]

This is a blatant scam I just recieved through e-mail.

Duh, yeah George... I'll log in using my social.





Dear U.S. Bank account holder,

We recently reviewed your account, and suspect that your U.S. Bank Internet Banking account may have been accessed by an unauthorized third party. Protecting the security of your account and of the U.S. Bank network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features.

To restore your account access, please take the following steps to ensure that your account has not been compromised:

1. Login to your U.S. Bank Internet Banking account. In case you are not enrolled for Internet Banking, you will have to use your Social Security Number as both your Personal ID and Password.

2. Review your recent account history for any unauthorized withdrawals or deposits, and check your account profile to make sure not changes have been made. If any unauthorized activity has taken place on your account, report this to U.S. Bank staff immediately.

To get started, please click the link below:

https://www4.usbank.com/internetBanking/RequestRouter?requestCmdId=DisplayLoginPage

We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire U.S. Bank system. Thank you for your prompt attention to this matter.



Sincerely,

The U.S. Bank Team

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your U.S. Bank account and choose the "Help" link in the header of any page.

[Capmaster]

I've gotten similar scams. The most ballsy one is the Nigerian funds scam. People actually fell for that one

[Marco33]

I did reply to this scum in the customary American way... with a little new yorker accent thrown in for good measure.

The e-mail didn't come back.

[sacajaweeda]

http://outdoorsbest.zeroforum.com/zerothread?id=200606&page=1

Heh.

[Capmaster]

I did reply to this scum in the customary American way... with a little new yorker accent thrown in for good measure.

The e-mail didn't come back.

I can picture it now (in thick Brooklynese): "Hey, I got something you can scam .......right here" "Fageddaboudit" Give 'em hell. Spammers, scammers and phishers are scum who ought to be shot, burned, then shot again

[DVD_Ripper]

Jeez... I remember seeing that one about 3 or 4 years ago....

However... this one has a slight twist... the bank seems valid. I went about 8 levels deep on their site ... received some support phone numbers and called and they were good too.... Hmmmm, not sure about this one.

Great scam, if in fact they are fake.

[Capmaster]

Jeez... I remember seeing that one about 3 or 4 years ago....

However... this one has a slight twist... the bank seems valid. I went about 8 levels deep on their site ... received some support phone numbers and called and they were good too.... Hmmmm, not sure about this one.

Great scam, if in fact they are fake.

Careful - we got a warning at work for all corporate cards. This scam actually links to a legit website for the real bank. That's what makes the scam so successful - it appears genuine. Stay away.

[DVD_Ripper]

Jeez... I remember seeing that one about 3 or 4 years ago....

However... this one has a slight twist... the bank seems valid. I went about 8 levels deep on their site ... received some support phone numbers and called and they were good too.... Hmmmm, not sure about this one.

Great scam, if in fact they are fake.

Careful - we got a warning at work for all corporate cards. This scam actually links to a legit website for the real bank. That's what makes the scam so successful - it appears genuine. Stay away.

Will do.... but boy are they good... I actually clicked, subscribe for a new credit card and it linked back to a Us Bancorp site .... which looked valid.... unless their url has been 'hijacked'

[thayne]

This could be more spam than scam, just a way to get you to their site so you sign up for an account.....

[Marco33]

This could be more spam than scam, just a way to get you to their site so you sign up for an account.....

hmm... interesting.

[thecoalman]

I got two similar ones recnetly using CitiBank, I don't use citibank Page was identical to citibank website. I wonder if a lot of people fall for this. Guess they must.....

The link text displayed a legitimate site but actually went to another site. I'm kind of curious what were the properties of the original link in the e-mail. When you cut and pasted them you may have removed the original link and it was replaced with the legitimate one that is displayed.

[thayne]

This one actually goes to a legit site, that's why I'm thinking it's spam.

I get those you mention for paypal a lot....

[thayne]

This could be more spam than scam, just a way to get you to their site so you sign up for an account.....

hmm... interesting.

Think about it it, what better way to protect yourself from accusations of spam. All you have to say is, "Well, it must have been a mistake, we must have the wrong email address on file or something. We weren't advertising, we were only trying to notify our (alleged) customer of potential fraud."

[DVD_Ripper]

One point .... most valid e-marketers know (due to CANSPAM Law) that you must include a valid Postal Address on all emails.... this has none.

Toss up for me... .SPAM or SCAM or BOTH

[thecoalman]

This one actually goes to a legit site,

It does now but that is why I asked what the original properties were. You can make a text link that goes somwhere else. If the person doesn't look in the address bar they would never know they were at a different site. When he cut and pasted the link the properties for the link probably got left behind. Since this board automatically generates links for URL's it converted the text to the correct one.

Example of a spoofed link:


http://cnn.com

The worst part about the one I got was the address it went to was very close to a citibanks something like citilogon.com or something like that. Whoever created had enough balls to hot link directly to citibanks images. I did a whois search and the owner of the site was some guy in a russia or somewhere near there. It's a scam and a very good one at that. If your unfamiliar with how addresses and links work you could easily fall for this.

[Capmaster]

One point .... most valid e-marketers know (due to CANSPAM Law) that you must include a valid Postal Address on all emails.... this has none.

Toss up for me... .SPAM or SCAM or BOTH

Scam. Definitely. A clever one at that.

[thecoalman]

Oddly enough I just received a similar e-mail:



U.S. Bank Security Center: Urgent Account Update Request.

Dear U.S. Bank member,

We recently noticed one or more attempts to log in to your U.S. Bank account from a foreign IP address and we have reasons to believe that your account was hijacked by a third party without your authorization.

If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you.

The login attempt was made from:

IP address: 154.106.12.15

IS Host: cache-154.proxyes.aol.com.

If you choose to ignore our request, you leave us no choice but to temporally suspend your account.

We ask that you allow at least 72 hours for the case to be investigated and we strongly recommend not to make any changes to your account in that time.




However, if you are the rightful holder of the account, click on the link below, fill the form and then submit as we try to verify your identity:
https://www4.usbank.com/internetBanking/RequestRouter?requestCmdId=DisplayLoginPage
The above link actually went here: vsclub.co.kr/us/confirmation.htm I've disabled it for this page



U.S. Bank will request personal data.

Thank you for your trust, We will allways Service your way! Other banks promise great service, U.S. Bank guarantees it.
http://www.usbank.com/

The above link was correct.
--------------------------------------------------------------------------------

The real Registrant for this domain:


Domain Name : vsclub.co.kr
Registrant : P&G Korea
Registrant Address : Dogok 2(i)-dong, Gangnam-gu, Seoul, Republic of Korea 448-2 P&G
DB
Registrant Zip Code : 135855
Administrative Contact(AC): JI YUN SEOK
AC E-Mail : oops@drimone.co.kr
AC Phone Number : 02-440-7760
Registered Date : 1999. 09. 15.
Last updated Date : 2003. 08. 28.
Expiration Date : 2004. 09. 15.
Publishes : Y
Authorized Agency : I-NAMES(the "I" stands for "Internet") Corporation
(http://www.i-names.co.kr)

Primary Name Server
Host Name : dns1.drimone.co.kr
IP Address : 211.216.47.199


Send oops a e-mail that his Korean bank account has been suspended.

[Marco33]

i JUST GOT TH...

ef'n caps lock.

I just got the e-mail again. ^%$%@!#(*&(*&%@$

ThaT'A IT.

%$^%$& Caps lock!

[thecoalman]

ooops, I'm sorry oops isn't the registrant. Nix that....... Slimy bastards, ought to send them a email that automatically redirects to the FBI homepage....

[thecoalman]

To follow up on the one I got that sites homepage was listed in the DMOZ directory which is probably the most sought after listing for a website. It gives it relevance since all sites listed are reviewed by a actual human.

I don't think they will be there much longer, I forwarded the e-mail to a reviewer there.

[thayne]

https://www4.usbank.com/internetBanking ... yLoginPage
The above link actually went here: vsclub.co.kr/us/confirmation.htm I've disabled it for this page

Well that changes everything. It's obviously a scam

[thecoalman]

Best thing to do before clicking any link your unsure of is let the cursor hover over the link. The actual address will show up in the lower left hand corner when using IE or OE. Not sure about others.