[LINK] scammer using LinkedIn

Karl Auer kauer at biplane.com.au
Tue Sep 18 11:21:35 AEST 2012


On Tue, 2012-09-18 at 10:58 +1000, Jan Whitaker wrote:
> Darn it, Linked In is infiltrated.

Not necessarily - spammers can put almost anything they like in the
email headers. It's a favourite trick to appear to come from some likely
trusted source. It is extremely unlikely that Intuit was involved - and
their website even has a warning about exactly this scam:

http://security.intuit.com/alert.php?a=36

> >Please download your complete order id #5507744 
> >from the attachment.(Open with Internet Explorer)

It's most likely that the intent of this spam was to get you to execute
something in the attachment and/or click on links to infecting sites.
The 1900 number may be Intuit's real support number or a secondary scam;
I'm guessing the latter as a quick check doesn't turn up that number on
Intuit's site.

Then there are these sites:

http://www.snopes.com/fraud/phishing/intuitorder.asp
http://www.scamtrends.com/your-intuit-com-order-confirmation/
http://www.scamwarners.com/forum/viewtopic.php?t=34288&f=43
http://www.hoax-slayer.com/intuit-malware-emails.shtml

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://www.biplane.com.au/blog

GPG fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017
Old fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part
URL: <https://mailman.anu.edu.au/pipermail/link/attachments/20120918/7b607c79/attachment.sig>


More information about the Link mailing list