Incompetent phishing?

Here’s a strange one, mixed in among the usual daily crapola of Important Security Messages from PayPal and a bunch of banks that I have no affiliation with…

(The ones that are clearly nonsense I delete before opening. Notes email client is helpful with the PayPal and others where I do have a relationship: When your cursor is over the link they want you to click on, the actual address shows on the bottom of the screen; saves having to show source…)

So here’s one “from PayPal” today, with two links, both supposedly secure links to units of PayPal.

The actual links are identical, and of course aren’t secure. But, instead of being some .kr or .ch or IP number or “pseudo-PayPal” (with “PayPal” coming after the domain name)…both links are to www.yahoo.com. Nothing more.

I wonder just what the phishers hope to accomplish by getting me to look at Yahoo?

(Not that incompetence in computer fraud is anything new: After all, some of the biggest virus/worm problems arose because the crackers didn’t know what they were doing.)

2 Responses to “Incompetent phishing?”

  1. Either they’re in fact links to yahoo in terms of using that site for REDIRECTION, or that’s what was intended and they goofed in setting up the redirection URL.

  2. walt says:

    I did look at the source. The URL, in full, is
    http://www.yahoo.com

    [That’s the hidden URL. The visible URL is an HTTPS PayPal URL, as always in such phishing expeditions]

    I think you’re right: They goofed in setting up a redirect…