[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <016e01c601ad$cd502730$0100a8c0@nuclearwinter>
Date: Thu Dec 15 19:30:02 2005
From: fd at g-0.org (GroundZero Security)
Subject: Fwd: WSLabs,
Phishing Alert: Internal Revenue (FAO Todd Towles)
how offten do i need to tell you ? you are pathetic!
this just prooves that you are an idiot.
----- Original Message -----
From: "n3td3v" <xploitable@...il.com>
To: <full-disclosure@...ts.grok.org.uk>
Sent: Thursday, December 15, 2005 7:46 PM
Subject: [Full-disclosure] Fwd: WSLabs,Phishing Alert: Internal Revenue (FAO Todd Towles)
> Heres proof I have infulence over the biggest of corporations!
>
> ---------- Forwarded message ----------
> From: Websense Security Labs <DoNotReply@...sensesecuritylabs.com>
> Date: Dec 15, 2005 6:40 PM
> Subject: WSLabs, Phishing Alert: Internal Revenue Service
> To: xploitable@...il.com
>
>
> Websense(r) Security Labs(TM) has received reports of a new phishing
> attack that targets American taxpayers and claims to be the Internal
> Revenue Service. Users receive a spoofed email message, which claims
> they may access and track their tax refund information online. Upon
> clicking the link in the email, users are taken to a fraudulent
> website. The fraudulent website prompts users for their first and last
> name, social security number, mailing and email address, credit card
> number, CVV2, and ATM pin.
>
>
> This phishing site is hosted in Italy and was down at the time of this alert.
>
> Phishing email:
>
> *Subject:* Refund notice
>
> You filed your tax return and you're expecting a refund. You have just
> one question and you want the answer now - Where's My Refund?
>
> Access this secure Web site to find out if the IRS received your
> return and whether your refund was processed and sent to you.
>
> **New program enhancements** allow you to begin a refund trace online
> if you have not received your check within 28 days from the original
> IRS mailing date. Some of you will also be able to correct or change
> your mailing address within this application if your check was
> returned to us as undelivered by the U.S. Postal Service. "Where's My
> Refund?" will prompt you when these features are available for your
> situation.
>
> To get to your refund status, you'll need to provide the following
> information as shown on your return:
>
> * Your first and last name
>
> * Your Social Security Number (or IRS Individual Taxpayer
>
> Identification Number)
>
> * Your Credit Card Information (for the successful complete of the
>
> process)
>
>
> Okay now, **Where's My Refund
>
> <LINK DELETED>
>
> Note: If you have trouble while using this application, please check
> the Requirements
> <http://www.irs.gov/individuals/article/0,,id=96582,00.html> to make
> sure you have the correct browser software for this application to
> function properly and check to make sure our system is available
> <http://www.irs.gov/individuals/article/0,,id=141231,00.html>.
>
> Phishing screenshot available with full alert.
>
> For additional details and information on how to detect and prevent
> this type of attack:
> http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=372
>
>
>
> =-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-
> Websense Security Labs discovers and investigates today's advanced
> internet threats and publishes its findings enabling
> organizations to best protect employee computing environments from
> increasingly sophisticated and dangerous internet threats.
>
>
> To unsubscribe: http://www.websensesecuritylabs.com/unsubscribe
> FAQs: http://www.websensesecuritylabs.com/about/
> Download a free 30 day trial: http://www.websense.com/downloads/SecurityLabs/
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Powered by blists - more mailing lists