RE: Fwd: WSLabs, Phishing Alert: Internal Revenue (FAO Todd Towles)

["Jason Jones" <jasonjones () brookshires com>]

I already give Uncle Sam enough money. I wouldn't give him my credit
card number to go shopping at Macy's. Anyone that would do this would
truly be an ID10T.

If you have such a big influence over big corporations, then why do you
need so badly to prove to the people on FD to believe you?

That would be like Superman trying to convince every one that he's Clark
Kent.

Sounds like you have a social problem more than anything.

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of n3td3v
Sent: Thursday, December 15, 2005 12:57 PM
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Fwd: WSLabs,Phishing Alert: Internal
Revenue (FAO Todd Towles)

Accordng to your friends, this was disclosed on the 30th of November to
the Online Media Community? If you look back at my original phishing
advisory, you'll see people were saying "old news, go away".
If its such old news, why did WSLabs in less than 24 hours issue an
advisory? Get real, its totally related to my FD post.

I continue to work as a security researcher behind the scenes with
Gooogle, Yahoo, WS and others


On 12/15/05, Todd Towles <toddtowles () brookshires com> wrote:
> FAO me? Please...you didn't report anything. You think a company that 
> scan 70 million sites a night didn't have the information before you?
> You really are dreaming...
>
> > -----Original Message-----
> > From: full-disclosure-bounces () lists grok org uk
> > [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of 
> > n3td3v
> > Sent: Thursday, December 15, 2005 12:47 PM
> > To: full-disclosure () lists grok org uk
> > Subject: [Full-disclosure] Fwd: WSLabs,Phishing Alert:
> > Internal Revenue (FAO Todd Towles)
> >
> > Heres proof I have infulence over the biggest of corporations!
> >
> > ---------- Forwarded message ----------
> > From: Websense Security Labs <DoNotReply () websensesecuritylabs com>
> > Date: Dec 15, 2005 6:40 PM
> > Subject: WSLabs, Phishing Alert: Internal Revenue Service
> > To: xploitable () gmail com
> >
> >
> > Websense(r) Security Labs(TM) has received reports of a new phishing

> > attack that targets American taxpayers and claims to be the Internal

> > Revenue Service. Users receive a spoofed email message, which claims

> > they may access and track their tax refund information online. Upon 
> > clicking the link in the email, users are taken to a fraudulent 
> > website. The fraudulent website prompts users for their first and 
> > last name, social security number, mailing and email address, credit

> > card number, CVV2, and ATM pin.
> >
> >
> > This phishing site is hosted in Italy and was down at the time of 
> > this alert.
> >
> > Phishing email:
> >
> > *Subject:* Refund notice
> >
> > You filed your tax return and you're expecting a refund. You have 
> > just one question and you want the answer now - Where's My Refund?
> >
> > Access this secure Web site to find out if the IRS received your 
> > return and whether your refund was processed and sent to you.
> >
> > **New program enhancements** allow you to begin a refund trace 
> > online if you have not received your check within 28 days from the 
> > original IRS mailing date. Some of you will also be able to correct 
> > or change your mailing address within this application if your check

> > was returned to us as undelivered by the U.S. Postal Service. 
> > "Where's My Refund?"
> > will prompt you when these features are available for your
situation.
> > To get to your refund status, you'll need to provide the following 
> > information as shown on your return:
> >
> > * Your first and last name
> >
> > * Your Social Security Number (or IRS Individual Taxpayer
> >
> > Identification Number)
> >
> > * Your Credit Card Information (for the successful complete of the
> >
> > process)
> >
> >
> > Okay now, **Where's My Refund
> >
> > <LINK DELETED>
> >
> > Note: If you have trouble while using this application, please check

> > the Requirements 
> > <http://www.irs.gov/individuals/article/0,,id=96582,00.html>
> > to make sure you have the correct browser software for this 
> > application to function properly and check to make sure our system 
> > is available 
> > <http://www.irs.gov/individuals/article/0,,id=141231,00.html>.
> >
> > Phishing screenshot available with full alert.
> >
> > For additional details and information on how to detect and prevent 
> > this type of attack:
> > http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=372
> >
> >
> >
> > =-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-
> > Websense Security Labs discovers and investigates today's advanced 
> > internet threats and publishes its findings enabling organizations 
> > to best protect employee computing environments from increasingly 
> > sophisticated and dangerous internet threats.
> >
> >
> > To unsubscribe: http://www.websensesecuritylabs.com/unsubscribe
> > FAQs: http://www.websensesecuritylabs.com/about/
> > Download a free 30 day trial:
> > http://www.websense.com/downloads/SecurityLabs/
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/