[nsp-sec] Yahoo phising account
Roper, Sara
Sara.Roper at qwest.com
Thu May 22 13:34:14 EDT 2008
The email Don's citing has the same yahoo drop box:
Reply-To: account.desk at y7mail.com
Contacting Yahoo's phishing reporting email addy now...
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Smith, Donald
> Sent: Thursday, May 22, 2008 10:08 AM
> To: Serge Droz; nsp-security NSP
> Subject: Re: [nsp-sec] Yahoo phising account
>
> ----------- nsp-security Confidential --------
>
> Serge did your phishing look something like this:
> > Dear User
> >
> > This mail is to notify all users that the site will be undergoing
> > upgrade in a couple of days from now.
> >
> > Hence, as a user of our site, you are required to send us
> your email
> > account details to enable us acknowledge account activeness
> >
> > Furthermore, be informed that we will be deleting all mail account
> > that is not active so as to create more space for new users.
> >
> > Therefore you are advice to send us your mail account details As
> > requested below
> >
> > *User name:.........
> > *Password:..............
> > *Date of birth:................
> > *Security question:.............
> > *Security answer:......................
> >
> > All users are advise to complete this update.
> > Regards
> >
> > Mark Anderson
> > Tech/Maintenance officer
>
> We saw this related to universities starting about the
> beginning of the year but it has moved to "targeting" ISPs now.
> Notice they are not even personalizing the content just the
> from line is "personalized".
>
>
>
> Security through obscurity WORKS against some worms and ssh
> attacks:) Donald.Smith at qwest.com giac
>
> > -----Original Message-----
> > From: nsp-security-bounces at puck.nether.net
> > [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Serge Droz
> > Sent: Thursday, May 22, 2008 10:02 AM
> > To: nsp-security NSP
> > Subject: [nsp-sec] Yahoo phising account
> >
> > ----------- nsp-security Confidential --------
> >
> > Hello Yahoo,
> >
> > we have a phishing attack here, requiring people to submit stuff to
> >
> > Reply-To: account.desk at y7mail.com
> >
> > Could someone from yahoo please suspend this account.
> > We would be interested in the 'usernames' which have been
> compromised.
> >
> > Thanks for any help
> >
> > Serge
> >
> >
> >
> >
> > --
> > SWITCH
> > Serving Swiss Universities
> > --------------------------
> > Serge Droz, SWITCH-CERT
> > Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41
> 44 268 15
> > 63, fax +41 44 268 15 78 serge.droz at switch.ch, http://www.switch.ch
> >
> >
> > _______________________________________________
> > nsp-security mailing list
> > nsp-security at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/nsp-security
> >
> > Please do not Forward, CC, or BCC this E-mail outside of the
> > nsp-security community. Confidentiality is essential for effective
> > Internet security counter-measures.
> > _______________________________________________
> >
> >
>
>
> This communication is the property of Qwest and may contain
> confidential or privileged information. Unauthorized use of
> this communication is strictly prohibited and may be
> unlawful. If you have received this communication in error,
> please immediately notify the sender by reply e-mail and
> destroy all copies of the communication and any attachments.
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security community. Confidentiality is essential for
> effective Internet security counter-measures.
> _______________________________________________
>
>
More information about the nsp-security
mailing list