A peep into the most recent listings in my Gmail spam folder (currently holding 716 messages since last purged on Sept. 7) reveals some funny stuff. Some of the most bizarre (non-’enlarge your penis’) solicitations:

From “Editor Bob”:
I write to you, so we stay in touch and that I do coz I believe I’m like a raindrop. Yes, though the raindrop maybe small, somewhere a thirsty flower awaits it to drop. Here I am to quench your thirst. Let’s go shower the world with our love.

From “Diego Cunningham”:
Offering up to $500 Bonuses. 140+ games including progressive jackpot games.
“We were so close to being one of the actual victems. [sic] It makes you feel humble.” Robert Lee Bedker

But these are not the focus of today’s blog post. No, what I’d like to discuss are the emails of the “business venture” variety, such as the one copied here, verbatim, from “S. Jan Rudolf.” (Disclaimer: I am not in any way suggesting that you visit Rudolf’s links…)

Dearest One,

I am ADVOCATEN S. Jan Rudolf, A solicitor at law. I am the Personal Attorney to Engr. David Brand Roberts. On the October 5,1999, my client was involved in a trains crashed near Paddington Station,which is less than a mile north of Notting Hill. This is one of Britain’s worsttrain crashes in fifty years.You can see the web of incedent.

http://www.kidsnewsroom.org/testmember/100899/aw_100899_01.htm

http://news.bbc.co.uk/1/hi/uk/467919.stm

http://news.bbc.co.uk/1/hi/special_report/1999/10/99/london_train_crash/465

503.stm

I have contacted you to assist me,in repatriating most especially,the assast that were left behind by my late client before they get confiscated or declared unserviceable by the bank where this deposit is lodged,valued at 12 million dollars, which hasissued me a notice to provide the Next of kin to my late client, or have the account confiscated.Since there is a government gazette/circular mandating/authorizing banks to place onhold or freeze any account containing huge sums of money that has been unserviceable for a reasonable period of time.This is geared towards forestalling capital flight from the economy.

My proposition to you, is to seek your consent to present you as the Next of kin and beneficiary of my named client,so that the proceeds of this account valued at 12 million Dollars can be paid to you,and then we can share the amount on a mutually agreed percentage.30% will be for you,50% for me,10% for a reputable charity home because the money I owned by a deceased man and 10% set aside for any expenses during the course of this transaction.

All legal documents to back up your claim as the deceased Next of Kin,will be provided.All I require is your honest cooperation to enable us see this transaction through. This will be executed under a legitimate arrangement that will protect you from any breach of the law.If you are interested please do forward to this office the following.

1. YOUR AGE
2. YOUR ADDRESS
3. PHONE AND FAX.

If this business proposition offends your moral values,do accept my apology but if not,then you can contact me at my Email address: advocatjanrudolf@aim.com once to indicate your interest.

Best Regards,
ADVOCATEN S. Jan Rudolf

First, who’s with me in asking, incredulously, Who falls for this bullshit? Are these the same people who read (and trust) their horoscopes, buy into 9/11 conspiracies, or believe that vaccines cause autism?

This kind of spam letter, which tries to get unsuspecting (and, ahem, idiotic) readers to give up personal identification information, is called a “phishing attack.”

Several groups have stepped up to fight phishers. “Cyber vengers” pretend to play along with the spammers, and eventually trick them into chasing accounts that don’t exist, or photographing themselves with demeaning signs—like I AM A SHEEP SHAGGER—or even carving, in great detail, a keyboard out of wood. (For more about this, check out “How to Trick an Online Scammer into Carving a Computer Out of Wood” from June’s Atlantic Monthly.)

That tactic, though hilarious, doesn’t do much for the geriatrics who get robbed by these cons. Now a group at Carnegie Mellon is solving the problem from the other side, by sending the naive readers spam-type emails that dupe them into visiting educational websites that will teach them to watch out for the real frauds. Clever!

As the Carnegie Mellon press release explains:

In the study, three groups of 14 volunteers participated in role-playing exercises in which they processed email, which included a mix of phishing, spam and legitimate email. Those in the “embedded training” group, who were given anti-phishing educational materials after they had fallen for a phishing email, spent more than twice as much time studying the materials than those who were presented the materials without first being tricked. Those who were presented the materials without being tricked were no better at identifying phishing emails than those who received no anti-phishing educational materials. A week later, when the exercise was repeated, those in the embedded training group were significantly more successful in identifying phishing emails than those in the other two groups — 64 percent of phishing emails identified by the embedded training group versus 7 percent identified by the other two groups.

The researchers will present their results Friday, at the Anti-Phishing Working Group’s (APWG) eCrime Researchers Summit in Pittsburgh.