Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Your account at Wells Fargo has been suspended (Phishing Scam)
From: Szilveszter Adam <adam () nhh hu>
Date: Wed, 07 Jul 2004 08:34:15 +0200

Hi,

[Since phishing seems to be all the rage today, I feel compelled to add...]

Babak Pasdar wrote:
We have uncovered a phishing scam.  This is a perfect example of a
phishing scam.  All indicators (that the recipient sees) show a valid and
legitimate e-mail from Wells Fargo.  This e-mail tells the user their
account has been frozen due to fraudulent activity and gives them a link
to go to.  However when you click on the link it takes you to a site in
Korea and not Wells Fargo:

<...>

Here is a quick assessment that confirms the e-mail is fraudulent.  In
the header notice the source sending it to igxglobal is not identifiable
via reverse DNS:

<lots of info eluded>

Well, maybe it's just me, but to me, the *very* first reason to believe that the mail was a fraud would be, that I never, ever would expect my bank to send me such sensitive and time-critical information in an email message, which can be read by any party while in transit and be delayed for arbitrary amounts of time, or not delivered at all. (insert rant here about why more and more applications are relying on email and SMS messages as a timely and dependable communications mechanism, when clearly neither was designed to be either) How would they maintain the privacy of banking operations if they sent such messages to customers? Please, please US people tell me that even US banks are not so stupid as to do this... convenience is surely a trump, but not in banking... there I want security first of all.

P.S. Remember, when we used to tell people "Never open messages claiming to be virus warnings or security patches from MS, they will never ever going to send such things in email, only offer them through the web."? Well, the other day I received an email from MS Hungary (I was registered for several TechNet events in the past) about the "worm-du-jour" and how it is dangerous and how MS recommends applying the patch immediately. Dang. The only thing missing was the patch attached. This is why police say as long as criminals are people there is not going to be a perfect crime. Everybody gets lazy after a time.

Regards,
Sz.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]