HEADS UP: Fake Visa email
Results 1 to 6 of 6

Thread: HEADS UP: Fake Visa email

  1. #1
    Just Another Geek
    Join Date
    Jul 2002
    Rotterdam, Netherlands

    HEADS UP: Fake Visa email

    I received the following HTML email this morning:

    From: Visa International Service <security@visa-security.com>
    Subject: Visa Security Update
    Date: 23 Dec 2003 05:24:34 -0600


    Dear Customer,

    Our latest security system will help you to avoid possible fraud actions
    keep your investments in safety.

    Due to technical security update you have to reactivate your account

    Click on the link below to login to your updated Visa account.

    To log into your account, please visit the Visa Website at


    We respect your time and business.
    It's our pleasure to serve you.

    Please don't reply to this email. This e-mail was generated by a mail
    handling system.


    Copyright 1996-2003, Visa International Service Association. All rights
    The visa link inside the email points to:

    After the http://www.visa.com you'll find a familiar 0x01. It's the first email I've seen that actually makes use of this browser bug.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    Yeah, this is all over BugTraq today too. Yet another XSS issue to deal with...

    Good catch.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #3
    Senior Member
    Join Date
    Apr 2002
    And they have added the very classical false web site trap, also. Hidden in their endless link, you can find "@".

    This mail seems well written and well presented. It could make a lot of victims.
    Life is boring. Play NetHack... --more--

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    Good heads up!

    The "English" is not quite "English", but it is a reasonable effort


  5. #5
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    3rd Rock from Sun
    As a question ? What would happen if I were to click the link in SirDice's message, and put some fake details into the relevant boxes, and NO I haven't been there.

    edit : by what would happen. I mean, would it class as a hack? or spam ? or what ?
    55 - I'm fiftyfeckinfive and STILL no wiser,
    OLDER yes
    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  6. #6
    Senior Member
    Join Date
    Oct 2001
    Scam I think. The website has already been taken down. Clicking the link now brings you to a 404 Error, page not found. Basically when it was working, the person would forward the data you type in to a CGI script to collect the data that people type in, and they would access this data later to get account detail to steal money, etc... The page itself is at but all of the stuff before it is made to make is appear "real," but it is really just random data and doesn't/shouldn't do anything. On Internet Explorer, it would appear to be the site listed in front with the visa.com and user session data...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts