lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: mlande at bellsouth.net (Mary Landesman)
Subject: 3 new MS patches next week... but none fix 0x01!

There now seems to be an active Citibank phishing email exploiting the 0x01
vulnerability. The message states in part:
------------------------
On January 10th 2004 Citibank had to block some accounts in our system
connected with money laundering, credit card fraud, terrorism and check
fraud activity. The information in regards to those accounts has been passed
to our correspondent banks, local, federal and international authorities.

Due to our extensive database operations some accounts may have been
changed. We are asking our customers to check their checking and savings
accounts if they are active or if their current balance is correct.

Citibank notifies all it's customers in cases of high fraud or criminal
activity and asks you to check your account's balances. If you suspect or
have found any fraud activity on your account please let us know by logging
in at the link below.
------------------------

The link is a button. When clicked, it takes the user to an address that
"seems" to be citibank.com. Instead it is really
http://211.239.150.170/login/login.htm. I've just received a copy of it and
verified that the site is still active.

The IP resolves to:

[ ISP Organization Information ]
Org Name      : Enterprise Networks
Service Name  : ENTERPRISENET
Org Address   : GNG IDC B/D, 343-1 Yhatap-dong, Pundang-gu, Seongnam

[ ISP IP Admin Contact Information ]
Name          : Hyo-Sun, Chang
Phone         : +82-2-2105-6082
Fax           : +82-2-2105-6100
E-Mail        : ip@...etworks.co.kr

[ ISP IP Tech Contact Information ]
Name          : IP
Phone         : +82-2-2105-6016
Fax           : +82-2-2105-6100
E-mail        : ip@...etworks.co.kr

[ ISP Network Abuse Contact Information ]
Name          : Postmaster
Phone         : +82-2-2105-6075
Fax           : +82-2-2105-6100
E-mail        : abuse@...etworks.co.kr

Regards,
Mary Landesman
Antivirus About.com Guide
http://antivirus.about.com


----- Original Message ----- 
From: "Nick FitzGerald" asked:

> OK -- is HSBC bank a large enough client of Microsoft's??

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ