Post-modern phishing
Lovely little phishing scam arrived the other day:
To provide our customers the most effective and secure online access to their accounts, we are continually upgrading our online services. As we add new features and enhancements to our service, there are certain browser versions, which will not support these system upgrades. As many customers already know, Microsoft Internet Explorer has significant ‘holes’ or vulnerabilities that virus creators can easily take advantage of.
In order to further protect your account, we have introduced some new important security standards and browser requirements. SunTrust security systems require that you test your browser now to see if it meets the requirements for SunTrust Internet Banking.
Please sign on to Internet Banking in order to verify security update installation. This security update will be effective immediately. In the meantime, some of the Internet Banking services may not be available. (Don’t worry, the URL is safe to click on.)
Lovely, isn’t it? Get the punters worried about one thing so they don’t spot where you’re taking them with the other. Classic magician’s trick. And all spelt correctly too.
The compromised machine being used to host this site is at 82.90.165.65 (in the subdirectory /s). It’s in Italy and has open ports all over the place; you can even FTP into it but I couldn’t get a listing. (It’s a Windows machine.) Anyone care to see if they can get any further?
- These posts might be related (the database thinks..):
- First thought on eBay buys Skype (12 September 2005; score: 56.22%)
- But hang on, if they're phishing.. (9 April 2005; score: 43.45%)
- My predictions for 2005: wireless iPods, more phishing, and many more Firefox users (30 December 2004; score: 38.23%)
![[Valid RSS]](wp-includes/images/valid-rss.png "Validate my RSS feed"){kind=small}
November 29th, 2004 at 3:45 pm
It comes to something when the ‘bait’ of a ‘bait and switch’ is the security concern around Microsoft. No other industry would tolerate this…as an almost all pervasive product surely this lack of integrity needs a much more enforced response?
November 30th, 2004 at 4:28 pm
What intrigues me about this one is that it tries to trick you into trying correct something that hasn’t happened yet, but will if you take the bait!
Our terms and conditions you agreed to state that your account must always be under your control or those you designate at all times. We have noticed some activity related to your account that
indicates that other parties may have access and or control of your information in your account.
Please be aware that until we can verify your identity no further access to your account will be allowed.As a result,Your access to bid or buy on eBay has been restricted.To start using your eBay account fully,Please uptake and verify your information by clicking below
http://signin.ebay.com/aw-c gi/eBayISAPI.dll?Verify
Note the in the url (that’s just how it looked viewed in OE as text-only)
The real url is http://signin_ebay_com_account.ministop.co.kr (220.85.13.40, in Korea)
James