Why are phishers so lazy?

Image (1) ebey.jpg for post 11961

Maybe I should be grateful, but it amazes me sometimes just how lazy phishers and cybercriminals generally can be.

Take this example, for instance.

eBay phishing message

It’s a regular eBay phishing scam – designed to try and fool you into clicking on the link and handing over your eBay username and password. There are many many of these sent every day.

Nothing unusual there.

But what is different in this case is the laziness they have demonstrated in disguising that they are not really eBay. If you look at the email address they have used to send it from, it says aw-notice@ebey.com.

It only takes seconds to fake an email address – if they had employed someone to do quality control they would have spotted that should have said aw-notice@ebay.com in a second.