Results 1 to 2 of 2
  1. #1
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,074

    New (to me) phishing scheme

    Got a typical phishing email today with a slightly new (to me) twist, and thought I'd share.

    Date: Mon, 06 Jun 2005 18:05:13 -0500
    From: administrator@stny.rr.com
    Subject: *IMPORTANT* Please Validate Your Account
    To: <myaddress>@stny.rr.com

    Dear Valued Member,

    According to our site policy you will have to confirm your account by the following link or else your account will be suspended within 24 hours for security reasons.

    http://www.stny.rr.com/confirm.php?email=<myaddress>@stny.rr.com

    Thank you for your attention to this question. We apologize for any inconvenience.

    Sincerely,Stny Security Department Assistant.
    The site it linked to was an IP, and on visiting the raw IP, I got a Plesk default page. Add the "confirm.php" and it tried to load a Windows COM object, which I assume was a trojan or virus loader.

    I hadn't seen this ISP twist on this old issue, so I thought I'd pass it on here.
    Your one stop shop for decentralization

  2. #2
    yep - this kind has been around for a while. you have to mouseover the link to see where it actually takes you

    Arun
    Linux Server Hardening by ServerSafety

    Get it done.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •