Security Incidents mailing list archives
Re: New Phishing Technique?
From: Valdis.Kletnieks () vt edu
Date: Fri, 17 Mar 2006 20:49:10 -0500
On Fri, 17 Mar 2006 14:59:39 EST, Mace.Scott () tatravelcenters com said:
A couple of phishing emails got through our spamassasin/clamav filter here at work, and through to my gmail account, damn near simultaneously. Both with very different text, and different urls. Now clamav is generally very capable of stopping phishing attacks, so I'm surprised these made it through. More interesting, is the fact one got through Gmail as well. And it's very obvious a phish. Here's the text of the email (I added 11111 to the end of the url to guard against accidental clicking): Incidentally, Lotus Notes complains of an untrusted certificate when the email is opened. Dear Chase account holder,
Looks like a pretty stock phish to me. It would have helped immensely if you had posted the original as you received it, complete with any obfuscating Javascript/etc, so we could figure out how it managed to get through. If you're worried about posting it to the list, forward it directly to me (preferably as a message/rfc822 attachment with all the headers and all) and I'll forward it to the appropriate people who are chasing down phishes.
Attachment:
_bin
Description:
Current thread:
- New Phishing Technique? Mace . Scott (Mar 17)
- Re: New Phishing Technique? Valdis . Kletnieks (Mar 17)