[LINK] Another phishing tale
Rick Welykochy
rick at praxis.com.au
Fri Sep 5 12:51:12 AEST 2008
Ivan Trundle wrote:
> On 05/09/2008, at 10:57 AM, Rick Welykochy wrote:
>
>> It was
>> a fake but look at the headers:
>>
>> To: rick at praxis.com.au
>> Subject: money transfer
>> From: Westpac Bank <moneytransfer at westpac.co.nz>
>
> How can we tell? (that it was fake, or that the headers that you have
> shown us were real)
>
> What was actually in the full message headers? (these are more telling)
You can trust me that the above was in the headers.
Or I can privately email you the entire (boring) email. It is
just another phishing scam.
It is easy to tell it is a fake:
* the email originated from ww04.asadal.net, prolly a zombie PC
on a Korean ISP in Soeul, as reported by
<http://www.geobytes.com/IpLocator.htm?GetLocation>
* the sender's email address is not from Westpac Australia
* the link in the email is not to a Westpac server, it is to a controlled bot
e.g. http://www.unisoft.jp/
* Westpac issue statements to their customers that they never send emails
containing login links. Rather, you are encouraged to type in the URL
yourself. (A bookmark isn't even safe since they can be modified by JS)
cheers
rickw
--
________________________________________________________________
Rick Welykochy || Praxis Services || Internet Driving Instructor
For every complex problem, there is a solution that is simple, neat, and wrong.
-- H.L. Mencken
More information about the Link
mailing list