Question:

Puzzling phishing scam?

by  |  earlier

0 LIKES UnLike

This is going to take a bit to explain. I periodically go through my junk folder looking for phish to report. Today I had three from "PayPal". The first contained a standard man-in-the-middle link, directing me to the legitimate PayPal site but routing the packets through a foreign server. I traced the IP to a webhost in the Netherlands. I reported it and moved on. The second was identical in content, right down to the grammatical and spelling errors, but the link traced to a university in China. I've had limited success reporting these things to the Chinese, so I decided to let hotmail handle it. The third was again identical, this time tracing to a webhost in Canada.

It's the middle one that puzzles me. If it had been three commercial sites, I'd be impressed by the diligence of the phisher for spreading his sites so far apart, but I can't figure how he got an account on an edu site in China. All I can think is either they're getting so lazy that they just clone each other's emails or we have a Chinese student so stupid that he's willing to urinate in his own pond. I find neither of those scenarios particularly convincing. Any other ideas? How does a phisher get an account on an educational server in, of all places, China?

 Tags:

   Report

3 ANSWERS


  1. your computer skills amaze me


  2. the chinese are brilliant scammers..almost as good as the nigerians

  3. To obtain an .edu site the applicant must apply directly to Educause and prove their status as an educational institution.

    .edu sites are usually exclusive to the USA, but also in some countries, .edu.xx is an ordinary domain with no special significance and this may be the case in China.

Question Stats

Latest activity: earlier.
This question has 3 answers.

BECOME A GUIDE

Share your knowledge and help people by answering questions.
Unanswered Questions