[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <9f08cff0512151557l404c3bc3na52e4583a450e732@mail.gmail.com>
Date: Thu Dec 15 23:57:09 2005
From: qballus at gmail.com (qballus@...il.com)
Subject: Fwd: WSLabs,
Phishing Alert: Internal Revenue (FAO Todd Towles)
Websense, the largest of corporates? Perhaps you're used to working at
startup ISPs, oh wait, you probably dont even have time for a job
considering you haven't left pre-school yet. You didn't influence the
company iteself and I'm suprised that gmail hasn't been RBL'ed with the
amount of crap you've been spamming everyone with lately.
n00b.
On 12/16/05, n3td3v <xploitable@...il.com> wrote:
>
> Heres proof I have infulence over the biggest of corporations!
>
> ---------- Forwarded message ----------
> From: Websense Security Labs <DoNotReply@...sensesecuritylabs.com>
> Date: Dec 15, 2005 6:40 PM
> Subject: WSLabs, Phishing Alert: Internal Revenue Service
> To: xploitable@...il.com
>
>
> Websense(r) Security Labs(TM) has received reports of a new phishing
> attack that targets American taxpayers and claims to be the Internal
> Revenue Service. Users receive a spoofed email message, which claims
> they may access and track their tax refund information online. Upon
> clicking the link in the email, users are taken to a fraudulent
> website. The fraudulent website prompts users for their first and last
> name, social security number, mailing and email address, credit card
> number, CVV2, and ATM pin.
>
>
> This phishing site is hosted in Italy and was down at the time of this
> alert.
>
> Phishing email:
>
> *Subject:* Refund notice
>
> You filed your tax return and you're expecting a refund. You have just
> one question and you want the answer now - Where's My Refund?
>
> Access this secure Web site to find out if the IRS received your
> return and whether your refund was processed and sent to you.
>
> **New program enhancements** allow you to begin a refund trace online
> if you have not received your check within 28 days from the original
> IRS mailing date. Some of you will also be able to correct or change
> your mailing address within this application if your check was
> returned to us as undelivered by the U.S. Postal Service. "Where's My
> Refund?" will prompt you when these features are available for your
> situation.
>
> To get to your refund status, you'll need to provide the following
> information as shown on your return:
>
> * Your first and last name
>
> * Your Social Security Number (or IRS Individual Taxpayer
>
> Identification Number)
>
> * Your Credit Card Information (for the successful complete of the
>
> process)
>
>
> Okay now, **Where's My Refund
>
> <LINK DELETED>
>
> Note: If you have trouble while using this application, please check
> the Requirements
> <http://www.irs.gov/individuals/article/0,,id=96582,00.html> to make
> sure you have the correct browser software for this application to
> function properly and check to make sure our system is available
> <http://www.irs.gov/individuals/article/0,,id=141231,00.html>.
>
> Phishing screenshot available with full alert.
>
> For additional details and information on how to detect and prevent
> this type of attack:
> http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=372
>
>
>
> =-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-
> Websense Security Labs discovers and investigates today's advanced
> internet threats and publishes its findings enabling
> organizations to best protect employee computing environments from
> increasingly sophisticated and dangerous internet threats.
>
>
> To unsubscribe: http://www.websensesecuritylabs.com/unsubscribe
> FAQs: http://www.websensesecuritylabs.com/about/
> Download a free 30 day trial:
> http://www.websense.com/downloads/SecurityLabs/
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051216/1c78965b/attachment.html
Powered by blists - more mailing lists