Date Reported 11th February 2005
Apparent Sender MSN
Return Address MSN Accounting Manager <accmanager@msn.net>
Subject Automatical information verification application fault.
Format HTML
Method Spoof email links to a spoof webpage where victim is prompted to enter their details believing the site is genuine. Details are then forwarded to a local script and captured.
Bogus Web Content? Yes
URL of web content http://www.explore-msn.com/?sess=tAGpYp4ZhIIkvtdnEB4FORQKMYuMG3FaDlACLEB4mjoTNDhrel&cid=x
RISK LEVEL HIGH
WARNINGS 1. Email claims to be from MSN asking you to confirm your account data by clicking on the link. You will be taken to a spoof login page where your details will be captured by the phishers.
2. MSN never send users emails requesting details in this way.
3. URL of spoof website disguised as "secure form"...
4. Real URL looks like MSN - phishers have used a very similar domain name!
5. Clicking on the link also passes your email address to the phishers via a script on the spoof website.
6. Spoof website loads as a popup in front of the REAL MSN page to make it look authentic.
7. Email uses a clever trick to get past spam filters - it looks normal to the human eye, but try selecting some text and you'll see that every letter is in a separate table and they are all separated by dots, making it look like gobledegook to a filter.
8. Website traced to Philadelphia, USA
"Dear MSN customer, During one of our regular automatical verification procedures... "
If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.
|
