17 November 2017


Key Takeaways:

1. Do not fall for “my [insert document name] is stored securely on this site [insert url]”

2. The website “sdcc.cf” is a known phishing site. If you have an up-to-date browser, it’ll likely warn you of it.

3. Existing "client" names – in case you google your inquiries – do not mean that this is the person out to scam you.

The 411:

Recently I was emailed by a couple who’s house-hunting in Florida.

Their story: supposedly they’re living in LA, and go by the names of Hannah and Kurt Nilsson. She’s a housewife, he works on an oil rig in the Baltic sea. They originally planned to buy in January so not incurr a penalty on their investment account, but now they’d like to buy before the end of the year, up to $1.5m. He would like to come to FL in the next few days, after having returned from a stint on the rig.

While I couldn’t quite locate Hannah, Kurt exists, even in multiple forms: Kurt Nilsson is a very common name in Sweden, and one of the nicest Kurts I found online is a judge on the dog-breeder circuit. Not very likely a phisher.

When Proof of Funds did not arrive attached to one of their emails but “stored securely” on a website, Firefox warned me immediately before even opening the URL. If one is truly brave one can check out the site: it asks for your log-in with Gmail, Dropbox, Yahoo, Faceboook etc. credentials. – Yeah right. And here I thought phishing became outdated.

As I – grinning and very politely – pointed out that their bank statement is stored at a phishing site, something went "poof!" and the "buyers" vanished. Such a pity.

So, do watch it please, however convincing the story may be at first.