[nsp-sec] enom^Wnetsol security POC?
Chris Morrow
morrowc at ops-netman.net
Tue Oct 28 17:26:50 EDT 2008
On Tue, 28 Oct 2008, Scott A. McIntyre wrote:
> ----------- nsp-security Confidential --------
>
> Hi,
>
>
> On Oct 27, 2008, at 22:32 , Chris Morrow wrote:
>
>> ----------- nsp-security Confidential --------
>>
>>
>> looks like enom is being phished :(
>>
>> <snip spam content>
>> For access your account follow this link - http://www.enom.com.sys82.net
>> </snip spam content>
>>
>> something about 'we are doing maintenence...' spam sample available upon
>> request.
>
>
> Earlier tonight our abuse@ inbox started getting rather full of people
> questioning the validity of a Network Solutions email -- people are so used
> to phishing attacks that requests to "verify account details" raise a lot of
> alerts. Unfortunately, the email apparently is in HTML format with embedded
> links, but all of the customers reporting it are forwarding plain-text, so
> I'm not sure where the links actually point.
>
> The text of the mail reads as below -- does anyone know if this is a "real"
> initiative from Netsol (and thus, a really really bad idea) or a phish?
>
> I fear it's legit, which would be depressing.
>
checking in my spam samples, but.. this looks like normal WDRP stuff, my
registrar does this to me yearly I believe... I'll post back again if I
see examples in my samples.
>>
>> Reviewing Your Domain Name Information
>>
<snip>
>> Please take a moment to view the WHOIS listing for each of the
>> domain names you currently have registered through us. Please verify
<snip>
More information about the nsp-security
mailing list