Wamu Hoax
Posted: Sun Dec 05, 2004 11:24 pm
I just got sent a rather devious e-mail from this ip address 211.247.28.122. Posing to be wamu an american bank, I looked it up and found this -
This malicious HTML script may arrive as an email or as a posted link to a Web page. It uses social engineering to trick users into revealing sensitive information.
The email message poses as an email from Washington Mutual. It attempts to persuade the user to click the supplied URL. When a user clicks the URL, a spoofed Web page of the Washington Mutual website pops up. This spoofed site is identical to the authentic site, and may trick some users into entering their account information.
The script is able to spoof the internet address as http://www.wamu.com/personal/welcome/co ... rsdata.htm. However, the actual address the user is viewing is at http://62.197.72.226:87:wa/index.htm
When I copied it and pasted it here I this nonsense below.
<http://www.wamu.com/personal/welcome/co ... rsdata.htm> <http://www.wamu.com/personal/welcome/co ... rsdata.htm>
Marijuana Las Vegas in 1896 as follows Amateur No, not now. Moon Landing Barbie you mustn't You'll see let's forget How about you? you're welcome You'd better go But I don't we need to get in 2001 It's O.K. Excite pretty much. in 1822 Don't listen to Miss in 1942 in 1986
What it actually says is technical services of the bank are carrying out a planned software upgrade. We earnestly ask you to visit the following link to start the procedure of confirmation of customers' data.
this instruction has been sent to all bank customers and is obligitory to follow.
Thank you for co-operating
Customers support service,
This malicious HTML script may arrive as an email or as a posted link to a Web page. It uses social engineering to trick users into revealing sensitive information.
The email message poses as an email from Washington Mutual. It attempts to persuade the user to click the supplied URL. When a user clicks the URL, a spoofed Web page of the Washington Mutual website pops up. This spoofed site is identical to the authentic site, and may trick some users into entering their account information.
The script is able to spoof the internet address as http://www.wamu.com/personal/welcome/co ... rsdata.htm. However, the actual address the user is viewing is at http://62.197.72.226:87:wa/index.htm
When I copied it and pasted it here I this nonsense below.
<http://www.wamu.com/personal/welcome/co ... rsdata.htm> <http://www.wamu.com/personal/welcome/co ... rsdata.htm>
Marijuana Las Vegas in 1896 as follows Amateur No, not now. Moon Landing Barbie you mustn't You'll see let's forget How about you? you're welcome You'd better go But I don't we need to get in 2001 It's O.K. Excite pretty much. in 1822 Don't listen to Miss in 1942 in 1986
What it actually says is technical services of the bank are carrying out a planned software upgrade. We earnestly ask you to visit the following link to start the procedure of confirmation of customers' data.
this instruction has been sent to all bank customers and is obligitory to follow.
Thank you for co-operating
Customers support service,
)!!!