NNSquad - Network Neutrality Squad
[ NNSquad ] New phishing technique
New phishing technique http://j.mp/19i2G2n (This message on Google+) A new phishing technique. Well at least one I haven't noticed before. Email message shows up that appears to have been intended for a reasonable support address but was mistyped to my domain (common enough, I initially saw two this morning, one of which was legit). My standard practice is to reply with a "wrong address, don't know what you're talking about" sort of note so they can retry to the correct address. So, one of the two this morning appeared to be part of an angry support conversation between a customer and an industrial parts firm (ostensibly signed by the president of the firm complete with normal looking address and phone number info). It seemed to be a situation that had spun out of control (comments from the "president" like "if you want to rip the skin off my face with a rusty fork let me know and I'll put you on the special list I keep of people I hate and don't talk to like the guy from Idol and people who take up two parking places.") I mean, unprofessional sounding, but the sort of thing that happens when people fly off the handle. So I sent my usual "wrong address" note. Then when I dug further down in my email, I found a couple more that were identical, to addresses that immediately suggested they were all fakes. But man, creative fakes! What was the point? My reply would indicate my address was valid, but the address used is very public anyway in my case. There were attachments including what might have been a photo (or not) -- but by policy I never open those from such messages. And there was a link to a "support" page the "president" asked the customer to visit. Looks like that link (which of course, I didn't touch) was the real payload, probably leading to various evil malware. Overall, I consider these to have been among the most creative phishes I've seen in a long time -- way above the usual idiocy. I guess that's a backhanded compliment. Sort of ... --Lauren-- Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info Founder: - Network Neutrality Squad: http://www.nnsquad.org - PRIVACY Forum: http://www.vortex.com/privacy-info Member: ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com Google+: http://google.com/+LaurenWeinstein Twitter: http://twitter.com/laurenweinstein Tel: +1 (818) 225-2800 / Skype: vortex.com _______________________________________________ nnsquad mailing list http://lists.nnsquad.org/mailman/listinfo/nnsquad