Comments on: Fascinating phishing attack — the links are fine, but watch out for the toll-free number!

By: Kurt

Kurt — Tue, 02 Dec 2008 20:14:42 +0000

This scam is back… with a new number: 1-(888) 691-9062
and a new website… a FAKE capitalone site: http://217.41.36.107/images/home.htm

ARRGGG! The bastards.

By: ssr

ssr — Thu, 04 Sep 2008 19:34:41 +0000

got one with the same misspellings for US Bank using this #: 1-800-218-6941. Checked the US bank website and they have this email for reporting fraud: fraud_help@usbank.com (from URL http://www.usbank.com/cgi_w/cfm/promo/personal/fraud_reporting_email.cfm). Funny also that the gif for the US Bank logo they used was taken from this website: http://www.juniortheatre.com/shows/2005-2006/holes/US-Bank-Color.gif

By: David

David — Fri, 29 Aug 2008 23:11:47 +0000

They got a new number.
1=800=291-1649

By: Mark

Mark — Thu, 31 Jul 2008 09:58:19 +0000

Actually, I just realized they can’t spell.

“Please Call Us Regarding Recent _Resctriction_”

“Please disregard this e-mail if you’ve already _call us_ since the date this e-mail was sent. “

By: Mark

Mark — Thu, 31 Jul 2008 09:45:30 +0000

I just got this e-mail today. It looked entirely legitimate too, except for one small problem… I don’t have a Capital One card. I didn’t call the number so I was wondering what exactly this “spam” e-mail wanted from me. It got through Gmail’s spam filter too… the bastards! Thanks for posting this blog!

By: Sofia

Sofia — Thu, 31 Jul 2008 03:56:47 +0000

I got this email today, just hours after I activated my first Capital One credit card. It didnt make sense to me because I had only made a $14 purchase and my online banking looked totally normal. The thing that really caught my eye however, was the fact that “resctriction” was misspelled. That set off lots of bells, so I googled it and came here.

This is really scary to me. The first day of owning my very first credit card and already im getting hit with scams. I just have to be vigilant I guess. Dont reply to any emails with personal information and always call the number listed on the website, nothing else.

I forwarded my email to abuse@capitalone.com. I hope some good comes of it.

By: Linda

Linda — Wed, 30 Jul 2008 22:53:42 +0000

I just received the same e-mail. I actually found this page by entering hte phone number in google.
When I get phishing mail using real company info, I always go to the company’s legit website and search for their phishing contact. Then I forward the complete e-mail, including headers, changing nothing. Sometimes I get a reply thanking me and letting me know it was indead a phishing e-mail.

By: Kiddo

Kiddo — Wed, 30 Jul 2008 21:22:11 +0000

I just got the same crud email and forwarded it to the addresses Jik pointed out. Just putting my drop in the bucket…

It really scares me how many folks will fall for this kind of thing.

By: jik

jik — Wed, 30 Jul 2008 20:35:35 +0000

I just forwarded a copy to abuse@capitalone.com, phishing-report@us-cert.gov, reportphishing@antiphishing.org, and spam@uce.gov.

But I doubt it’ll do any good.

By: jik

jik — Wed, 30 Jul 2008 20:27:30 +0000

I just called Capital One at the number on their Web site, 800-955-7070. I was connected to a clueless Indian offshore guy, who put me on hold after hearing my story and then came back and gave me the supposed number for their fraud department, 800-427-9428, and then he transferred me to it.

After holding for a while, I was connected to another clueless Indian offshore guy, who first showed that he completely didn’t understand why I was calling by trying to get me to give him my social security number so that he could check if the phishing people had created an account in my name. Then he put me on hold too. He came back a few minutes later and told me (a) not to respond to the email message (duh!) and (b) to email a copy of it to abuse@capitalone.com (yeah, right, like that’ll result in any sort of timely response).

*sigh*