June 2nd, 2007, 10:02 PM
A Phishing Email I Just Recieved
!!!!!!WARNING!!!!!!! DO "NOT" PROVIDE ANY INFORMATION TO THE FOLLOWING
Below is a copy of a recent email I received. It has been reported to www.us-cert.gov/nav/report_phishing.html.
The link (below in the example) takes you to the actual phishing site; which, looks like the phisher actually put some time into this. (please be warned also I did not get any spyware warnings from this site but that does not mean it does not exist.)
**Follow Link At Your Own Risk**
Again, please do not provide any information this is just for educational reasons.
I started out the "from" email address. I think that counts as personal information.
Header: Official information for all Federal Credit Union
From: National Credit Union Administration <***@yahoo.com>
Dear Credit Union holder account,
This notice informs you that your Credit Union bank has joined our Federal Credit Union(FCU) network. For both, our and your security, we are asking you to activate an online account on our database. After activation you can login on our system with your SSN and your Credit/Debit PIN number.
You must visit the FCU activation page and fill in the form to activate your online account:
In accordance with NCUA User Agreement, you can use your online account in 24 hours after activation. We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account.
National Credit Union Administration Team apologize for any inconvenience.
NCUA Account Review Department
June 5th, 2007, 07:57 PM
Was the link in the email html and actually take you to a different place or is that plain text? The reason I ask is because you have to be a government agency to register a .gov
July 14th, 2007, 10:13 PM
In the text, it says "From: ... <***@yahoo.com>". I'm supposing that Saviente wrote the stars. But it's puzzling why the phisher would write a sender that is supposed to be at a yahoo address. If the phisher made a website that looked very real,why would he not write a more plausible sender? Like firstname.lastname@example.org. Sloppy phisher, i guess.
July 16th, 2007, 04:52 PM
July 18th, 2007, 06:47 PM
Everyone has their approach I suppose. Some are better then others...
By Tiger Shark in forum Microsoft Security Discussions
Last Post: January 14th, 2005, 08:47 PM
By ai0070 in forum Miscellaneous Security Discussions
Last Post: October 19th, 2004, 12:21 AM
By ShagDevil in forum Other Tutorials Forum
Last Post: June 13th, 2004, 06:46 PM
By roswell1329 in forum The Security Tutorials Forum
Last Post: December 11th, 2002, 12:35 AM
By rajat in forum Roll Call
Last Post: February 20th, 2002, 05:08 AM