Not that long ago I got this:
When was the last time you got a phishing email? Not that long ago, I bet. Me too. There is nothing unusual in it, nowadays we get so much of it that we simply get used to it and usually just silently delete or ignore it (if spam filters don’t do it for us).
So, why am I talking about this? Well, because of a funny coincidence. Or maybe it wasn’t that much of a coincidence… Here is the story.
Not that long ago my VISA card was about to expire. I’ve ordered a new one, but I didn’t rush myself to activating it as I still had the old one. So the new card landed on a shelf waiting for its time to come. Then, after a month or so I decided to finally activate it. An important note here is that I didn’t remember getting even a piece of VISA phishing email ever before. It didn’t mean I never got it, it just meant nothing like that had gotten my attention for quite some time.
And suddenly, within minutes, I got one! Whoohoo! The nice piece of email pictured at the beginning of this post landed in my mailbox. Then it repeated once or twice a day or two later and stopped. My first reaction was that I got myself some malware that got hold of the credit card activation process and triggered the mailing. But it wouldn’t make much sense. If I had something locally (and I hadn’t, as all sorts of scans showed some time later), what would stop it from reading my previous credit card number and all the authentication information when I submit it during an on-line transaction? It wasn’t on the line with the bank either, as the connection was securely SSLed. So, how come? It might have been an accident, of course, but… a funny one…
The whole thing got me thinking. And what if this information leaked from VISA themselves (I’m not even trying to guess how it could happen). Yes, I know it sounds stupidly paranoid, but, well, you know… things happen. So, if you experienced something like this, I would be really happy to hear from you. I’d at least know I’m not delusional (or not that much at least).