New and improved phishing tricks

I received a couple of phishing emails in the past few days that struck me as more imaginative than previous versions.

One, purportedly from booking.com (a real website, incidentally), has an attached zip file (that I haven’t looked at, of course).

Here’s what the message looks like (note that the phone numbers themselves were real, and at least one of them is harmless, but I edited them anyway.):

Booking.com online hotel reservations

Booking confirmation
884358019

Date: Tuesday, 14 February 12 Adobe Inn

Dear,

We have received a reservation for your hotel.

Please refer to attached file now to acknowledge the reservation and see the reservation details: 


Arrival: Sunday, 19 February 12 Number of rooms: 1

If you have any questions regarding this reservation, please feel free to contact us. Telephone: English support 1 888 xxx-xxxx, Spanish support 1 866 xxx-xxxx; Fax 1 866 xxx-xxxx; E-mail customer.service@someplace.somewhere

Yours sincerely, Booking.com

Needless to say, I haven’t booked anything with these folks, but it would be very tempting to open the zip file just to see what this is all about.

And very dangerous. The zip file probably contains a program which will run upon being unzipped, and will infect your computer.

An even weirder one came late last week. I’ve never seen anything like it, so I’ll just copy the text here and you can enjoy…

ATTN.

Read this letter very carefully, and fail to ask how I got your
Contact because I do not want to reveal my identity, and this could be
The last one you read from me if you fail to co-operate.

I run a Cathel we have been paid to assassinate you. I have every
reason to carry out my mission cause i have been paid for it but I
decided to give you a chance and your life and that of your family
from the endless pain.

I was paid 50,000Usd to kill you.But the allegation brought to me was
not enough reason for me to just kill a person like you and make your
family suffer a very big lost .i also have your picture with me .

I will give you AFTER GUIDELINES ON WHAT TO DO NEXT, to avoid this and
save your SELF and your family. For Your Own Good, must keep to your
self BECAUSE YOU DO NOT KNOW WHO IS AGAINST YOU,I want you to keep
this as a secret until i forward you the video tape of the people that
wants you assassinated so that you can nail them down after while am
gone..

I really don’t know why i want to help you but thank your stars cause
i have killed about 65 Business men and woman withing the past two
Months. eyes are on you so don’t try anything stupid . Get back to me
as soon as you get this message so that i can tell you all to do for
the safety of your life.

NOTE:YOUR LIFE IS VERY IMPORTANT AND YOU DON’T HAVE A SECOND LIFE ACT
FAST AND WISE.

Bottom line:  don’t believe any message that asks you to phone or email anybody unless you already know who they are, and know that the addressee is correctly spelled.


How to take a laptop abroad (or not…)

Not all of us know that taking a computing device out of the country is risky business. Once you leave the country, entering some other country, or re-entering your own essentially eliminates your 4th Amendment rights against search (this is a different kind of elimination than what you encounter when you fly, incidentally–that’s because flying is ‘voluntary’ so you are not being forced to undergo a search. Or so say the courts).

The Electronic Freedom Foundation has a very useful guide to what you can and can’t do, and what you can and cannot expect when you travel out of the country with a laptop:

 

https://www.eff.org/wp/defending-privacy-us-border-guide-travelers-carrying-digital-devices