[nsp-sec] Paging mail2world.com; HCC phishing
SURFcert - Peter
p.g.m.peters at utwente.nl
Wed Jul 16 04:16:08 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I got some phishing mail for the dutch provider HCCnet. The reply
address is infoalert3 at mail2world.com.
To add some authenticity they use the real URL to the webmail server:
> DEAR HCCNET ACCOUNT USER,
>
> To complete your account activation with us,you are required to reply to
> this message and enter your password in the spaces provided (********) you
> are required to do this before the next 48 hours of receipt of this email
> or your database will be erased and and de-activated from our
> database.This measure is to enhance efficiency of hccnet.nl Users.
>
> Your account can also be verified using the link below:
>
> http://webmail.hccnet.nl
>
> Thank you for using hccnet.nl
> Copyright © 2008 HCCNET INTERNET USER
The link was real. No hidden tricks. The user just has to reply and add
his password. Although I don't know how they might find the account
associated with the password. I did not receive it on my HCCnet account.
- --
Peter Peters
SURFcert Officer off Duty
cert at surfnet.nl http://cert.surfnet.nl/
office-hours: +31 302 305 305 emergency (24/7): +31 622 923 564
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD4DBQFIfa5HelLo80lrIdIRAjV1AJd76mEaYMeFi19tUhm/xtkiXTCMAJ0aU6gJ
NoPyM4Q6jTUEwNRVFYTWTw==
=Z/Qm
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list