[SURBL-Discuss] Why you should check Phish IPs first :/

Herb Martin HerbM at learnquick.com
Sat Aug 6 09:38:18 CEST 2005

> Definitely an interesting tactic to imitate D & B.

I agree, which was what stood out about the sneakyness.

Basic pitch (with possible user reactions in parens):

  Mail from D&B  (Oh, that could be important to my busines)
  Recent activity on your credit rating 
		(Oh my, is this for real?  That's scary)
		(Wait a minute -- I haven't done any 'credit'
		stuff -- this could be a PHISH or FRAUD!)
  We at D&B want to sell you a service to watch over this...
	(Oh, it's really D&B and they are trying to SELL me

The phish possibility is likely forgotten; Final reactions:

(Complaint to D&B about spam; delete or investigate the purchase;	

Only in the latter case does the phish get a shot, but that 
jui-jutsu (or close up magician's trick of misdirection) is
very powerful psychologically.

Herb Martin

More information about the Discuss mailing list