[65047] in North American Network Operators' Group
Re: Email security issues
daemon@ATHENA.MIT.EDU (Daniel Roesen)
Mon Nov 10 14:33:50 2003
Date: Mon, 10 Nov 2003 20:30:50 +0100
From: Daniel Roesen <dr@cluenet.de>
To: nanog@merit.edu
Mail-Followup-To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0311101306250.3358-100000@adibox.knet.ca>; from adil@adis.on.ca on Mon, Nov 10, 2003 at 01:10:42PM -0600
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, Nov 10, 2003 at 01:10:42PM -0600, Adi Linden wrote:
> I've just receives a nice email from my banker (ok, it claims to be from
> my banker) asking me to visit my banks website and confirm my email
> address. This email is by far the most convincing piece of fraud I
> received to date so far. The URL loads up the bank page plus a popup
> provoding a login. Looking at the source of the popup it revels that it is
> positively not a legit source and most likely used to harvest peoples
> access information.
Yep, got the same one. Quite a good fake. Even the faked Received: line
has an IP from an IP block of this bank. The only "technical" thing
which I saw when taking a quick look which showed the fake was the
.edu relay inbetween.
Best regards,
Daniel
