Re: Phishing attempt

[Joe St Sauver <joe () OREGON UOREGON EDU>]

Theresa mentioned:

#One of our professors received the message below in his e-mail inbox last
#night.  Have any of you seen this one recently?  I know it was making the
#rounds about a year ago.

[sample extortion message elided]

This is a routinely seen 4-1-9 variant, and while it is disturbing to
receive one of these, it is extremely unlikely that it represents a
credible threat. That said, in part to build the record for when these
guys *do* get caught, and because there's always the slim possibility
that you might run into the 1-in-a-million incident that isn't a hoax,
the professor who received it may want to file a report with local
law enforcement.

Google will also disable the drop box that's being used if you contact
them; see http://www.google.com/contact/security.html

I should mention that personal risk can increase dramatically if a
person responds to one of these letters with personal details, or
can get even worse if they travel overseas to meet with a 4-1-9'er.

I provide one "worst case" example of this as part of my talk
"A Succinct Cyber Crime Tour Meant To Illustrate By Way of
Assorted Examples The Sort of Online Crimes Which Are
Occurring -- And Why We Need More Cyber Crime-Trained Attorneys,"
http://www.uoregon.edu/~joe/tour/cybercrime.pdf (or .ppt),
page 48-53.

Regards,

Joe St Sauver (joe () oregon uoregon edu)
http://www.uoregon.edu/~joe/