Readers of this blog know phishing scam e-mails range from the relatively unsophisticated to those that can fool financial services experts. I've pasted a middling sort of phishing letter below to make the point: If you're good at spelling and grammar, you can spot just about any phishing scam letter.
Most of my high school teachers were Jesuits, and it was Fr. Edward P. McTighe, S.J., that drilled the mechanics of grammar into my head. (Ironically, though, I owe my career to Mrs. Shuster, my 10th grade typing teacher).
So in honor of "Evil Eddie," as some students called him, here's how grammar and punctuation errors flag this note as flim-flam. Problems in italics, explanations in bold.
Dear Washington Mutual Customer,
Washington Mutual is constantly working to ensure security by regularly screening the banking accounts in our system. We recently reviewed your banking account, and we need more information to help us provide you with secure service. Until we can collect this information, your access to sensitive banking account features will be limited. We would like to restore your access as soon as possible, we apologize for the inconvenience. There's the first clue.
Evil Eddie would call that sentence a run-on. It's two separate sentences with subjects, verbs and direct objects ("for the inconvenience" is a noun clause). It needs a conjunction, like "and," but just a period after "possible" and a new sentence would be better.
Why is my banking account access limited ? This one's very minor, but there's an extra typographical space between the last letter of the sentence and the question mark.
Your banking account access has been limited for the following reason(s):
We have reason to believe that your banking account was accessed by a third party. Because protecting the security of your banking account(s) is our primary concern, we have limited your access to sensitive Washington Mutual banking account features. There's a big dangling modifier clause at the beginning of this sentence. A professional writer of memos would probably have switched the order: "We have limited your access to sensitive Washington Mutual banking account features, because protecting your account security is our primary concern." Actually, "sensitive Washington Mutual banking account features" is kind of a giveaway. Wny not just say: "We have limited your online access to your account."
We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection. So here we have two complete sentences separated by a conjunction, which calls for a comma after "inconvenience."
Your case ID for this reason is 0xD2.0x8D.0xDF.0x4B.
How can I restore my account access ? Here's another extra space before a question mark.
Please Log On under your personal link into your banking account and update your account information:
Who says "Please Log On" with three capital letters? Someone who learned English at Polytechni Bucuresti. And don't click on links in e-mails like this, but you knew that already.
Completing all of the checklist items will automatically restore your account access.
Actually, completing all of the checklist items will give some bunch of jolly lads in Plovdiv the info they need to clean you out.
Be aware that until we can verify your identity we will have no other liability for your account or any transactions that may have occurred as a result of your failure to upgrade your account as instructed above. Okay, that's just plain flapdoodle, besprinkled with some quasi-legality.
Washington Mutual Security & Control Department. Okay, here's another little one: You don't put a period after a generic signature. Well, maybe in Kaliningrad, but not here.
© 2007 Washington Mutual All Rights Reserved
Thanks! I don't actually bank at WaMu, anyway, so you guys should buy better spam leads. Or steal better databases.