[nsp-sec] Dropbox at Gmail
Torsten Voss
voss at dfn-cert.de
Tue Aug 2 10:49:43 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
we've found a phishing site on a constituent server with two dropbox accounts:
'makecan2 at gmail.com',
'masterjohnmith25 at gmail.com'
The emails have the following subject and message text:
Subject:
"$test CIBC $noc - $user -> $phone "
Message:
- ------------ G00dluck ------------
Card Number(User) : $user
Pass : $pass
- -
Name on card : $noc
Sin : $sin1 - $sin2 - $sin3
Dob : $dobd - $dobm - $doby
Employer : $email
DL # : $phone
- -
Question 1 : $q1
Custom question 1 : $o1
Answer 1 : $a1
- -
Question 2 : $q2
Custom question 2 : $o2
Answer 2 : $a2
- -
Ip : $ip
Browser : $browser
- ------------ G00dluck ------------
Kind regards,
Torsten, AS680
- --
Dipl.-Ing.(FH) Torsten Voss (Incident Response Team), Phone +49 40 808077-634
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-590
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
Automatische Warnmeldungen https://www.cert.dfn.de/autowarn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAk44DoYACgkQLn8qYyAllOSzkwCeJDgV+aHVE9vYzC1qjbhq41Ef
wp8AmwdetvNAa8vL0rhcJjp7BC1tyheE
=9GLD
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list