Monday, March 29, 2010

Gone Phishing

I got an e-mail the other day:

Dear U.S. citizen,

• 5,000 American Airlines AAdvantage(R) bonus miles:
( Earn 5,000 bonus miles with the American Airlines Survey for year 2010 )

and
• $50,00
( The $50,00 will be debited within 48h )

Earn AAdvantage(R) miles for award travel on American Airlines or over 20 airlines, stays at hotels worldwide and car rentals with the AAdvantage(R) program.
Discover the benefits of membership in American’s frequent flyer program. View current news and information about the AAdvantage program.
The AAdvantage(R) program is American’s travel awards program. It was the original travel awards program, established more than 25 years ago, and today is the world’s largest program. In addition, members earn miles when staying at AAdvantage hotel partners or when renting a car from a partner company.
Currently over 30 hotel partners representing more than 60 brands and all seven major car rental agencies are AAdvantage partners.
Miles can be redeemed for a variety of travel awards around the world on American Airlines, AmericanConnection, American Eagle and our airline partners.
Enjoy American Airlines AAdvantage(R) Survey:
Your $50 & 5,000 miles bonus code is: AA-US-28189
Complete the attached form and follow the reward steps.

Thank you very much for your help and your patient and hope you will enjoy the American Airlines reward program in the future.

Sincerely,
Sandra L. Weller
sandra.weller @ aa.com

American Airlines Reward Department
American Airlines
P.O. Box 689182
Des Moines, IA 50368-9182

Okay, can anyone out there tell me what’s wrong with this picture? Don’t raise your hand, just shout it right out if you think you know.

That’s right, it’s a phishing e-mail from someone trying to separate me from my money by masquerading as the American Airlines AAdvantage frequent flier plan. How do I know it’s not on the up-and-up? Let me count the ways. First, it addresses me as “U.S. citizen.” Second, although it purports to come from someone in the U.S. (Sandra L. Weller in Des Moines, IA) it’s written in stilted English (“Thank you very much for your help and your patient and hope you will enjoy the American Airlines reward program in the future”) and it uses the European fashion of decimals by using a comma instead of a period ($50,00). Third; anyone who knows anything about frequent flier programs knows that they are usually free; you do not have to pay to enroll in them.

Most of these scams come from Russia or Central Europe, as opposed to the comical ones from Nigeria or Cote d’Ivoire. I have a feeling that when “Sandra L. Weller” isn’t trying to rip me off, she’s plotting beeg trouble for Moose and Squirrel.

Like most people with e-mail, I get these all the time. When they’re the obvious ones from banks I never heard of, I snicker and delete them; sometimes, when it’s masquerading as a company I do business with such as my bank or PayPal, I take the trouble to forward it to them so they can log it; PayPal tells you to forward it to spoof@paypal.com. But most people I know delete them without even opening them; in fact, if your anti-virus software isn’t up to date, it’s not a good idea to open them at all because they can trigger a Trojan Horse program that installs itself on your computer and takes your information without you even knowing it. This one from “American Airlines” was so clumsy that I knew it was safe to open and then hold up for mockery.

So the next question is, if this kind of thing is so obviously bogus, why do the scammers keep sending them out?

Simple: it works. In spite of all the warnings and all the obvious clues that this isn’t from American Airlines, I’m willing to bet that “Sandra L. Weller” got a bunch of people to fall for this bait hook, line and sinker. Millions of people around the world do it every day. I know a lot of very intelligent and thoughtful people who have been phished; the scammers are getting very good at their techniques. One of the most ingenious ones I’ve seen is one from the Nigerian Ministry of Finance that says they’re conducting an investigation into fraudulent e-mails emanating from their country and they’d like my cooperation to see if my bank account has been hacked. All I have to do is submit my account number for verification….

It’s not just the foolish or the greedy who think that by paying someone in Nigeria $300 they’ll inherit “100,000 millions $” or that they can fly first class on their next flight for “$50,00”, and it’s not just get-rich-quick schemes that people fall for. And it’s not just a child of the Information Age; organized religion has been peddling the talking-snake oil for centuries. The internet has made viral the back-fence gossip and we’ve all gotten the e-mails forwarded from friends and relatives that tell us that they have found President Obama’s real birth certificate (he’s from Cardassia), or that he signed an executive order giving millions of dollars to Hamas. They go back to the Clinton administration and they didn’t stop when George W. Bush became president; I got e-mails (and still do) claiming that 9/11 was an inside job. That shows that internet scamming is, at least, bipartisan; politicians have found that they can raise a million bucks overnight based on a soundbite.

But this also tells me why something like the Tea Party movement has taken off. Aside from the politics, when it comes to passing along a story, whether it’s true or not, we humans have a remarkable tendency to trust information that either reinforces a particular point of view that we harbor — “See, I’m not the only one who thinks that” — or it makes a promise that for an instant we think will benefit us — “Can I really make $10,000 a month addressing envelopes?” And even if they may doubt what they read, or worse, don’t have an informed opinion about what they’re being told, they fall for it. Even when there is an obvious contradiction of logic — “keep your government hands off my Medicare” — or a complete lack of irony in that one of the advocates of vandalism against the people who voted for healthcare reform is a man who depends on government disability checks for his income, it doesn’t seem to dawn on them that they are either misinformed or are being deliberately manipulated by people like “Sandra L. Weller” who knows there are pigeons to be plucked and windows to be broken. (Any truth to the rumors that they’re being instigated by some people behind the scenes at Jeld-Wen?) The message gets out, and since it’s on the Internets, it has to be true.

It’s a balance between the cynical — “See, I told you he was a gay communist Socialist Muslim from Kenya!” — and the hopeful — “Forward this e-mail and the Baby Jesus will send you flowers” and it all gets swallowed up by people who desperately hope that reality and life isn’t as mundane as they’re really afraid that it is.