Why are phishers so lazy?

Graham Cluley
Graham Cluley
@[email protected]

Maybe I should be grateful, but it amazes me sometimes just how lazy phishers and cybercriminals generally can be.

Take this example, for instance.

eBay phishing message

It’s a regular eBay phishing scam – designed to try and fool you into clicking on the link and handing over your eBay username and password. There are many many of these sent every day.

Sign up to our free newsletter.
Security news, advice, and tips.

Nothing unusual there.

But what is different in this case is the laziness they have demonstrated in disguising that they are not really eBay. If you look at the email address they have used to send it from, it says aw-notice@ebey.com.

It only takes seconds to fake an email address – if they had employed someone to do quality control they would have spotted that should have said [email protected] in a second.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.