Brutally honest phising spam

I got a refreshingly direct and honest phishing spam email today; in fact the only real complaint I have about it is how confusingly it’s written. It simply asks you to send them your username and password. No tricks, no fancy hidden links or disguised graphics. Just a plain old request for your password via email.

Dear Webmail User,
This message was sent automatically by a program on Webmail …
Your mailbox has exceeded the storage limit set by your administrator. …

To help us re-set your SPACE on our database prior to maintain your INBOX,you must contact your system administrator by replying this e-mail and enter your: Current Username: { } and PW: { } to increase your storage limit.

Thank you for your cooperation.

The best thing is: what username and password? They don’t even know what email system you think you use! I suppose I’d have to guess they’re targeting hotmail users for storing dictionaries of user/password word frequencies, since the only two links are to hotmail and live.com.

The mail came from Rubinoc@arcadia.edu apparently at BISHOP.arcadia.edu for those curious.

One thought on “Brutally honest phising spam

  1. We had the same phish hit our campus. They used the captured credentials (yes, people did reply) to re-send the same spam.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.