Full Disclosure mailing list archives
Re: 3 new MS patches next week... but none fix 0x01!
From: "Mary Landesman" <mlande () bellsouth net>
Date: Sat, 10 Jan 2004 20:26:20 -0500
There now seems to be an active Citibank phishing email exploiting the 0x01 vulnerability. The message states in part: ------------------------ On January 10th 2004 Citibank had to block some accounts in our system connected with money laundering, credit card fraud, terrorism and check fraud activity. The information in regards to those accounts has been passed to our correspondent banks, local, federal and international authorities. Due to our extensive database operations some accounts may have been changed. We are asking our customers to check their checking and savings accounts if they are active or if their current balance is correct. Citibank notifies all it's customers in cases of high fraud or criminal activity and asks you to check your account's balances. If you suspect or have found any fraud activity on your account please let us know by logging in at the link below. ------------------------ The link is a button. When clicked, it takes the user to an address that "seems" to be citibank.com. Instead it is really http://211.239.150.170/login/login.htm. I've just received a copy of it and verified that the site is still active. The IP resolves to: [ ISP Organization Information ] Org Name : Enterprise Networks Service Name : ENTERPRISENET Org Address : GNG IDC B/D, 343-1 Yhatap-dong, Pundang-gu, Seongnam [ ISP IP Admin Contact Information ] Name : Hyo-Sun, Chang Phone : +82-2-2105-6082 Fax : +82-2-2105-6100 E-Mail : ip () epnetworks co kr [ ISP IP Tech Contact Information ] Name : IP Phone : +82-2-2105-6016 Fax : +82-2-2105-6100 E-mail : ip () epnetworks co kr [ ISP Network Abuse Contact Information ] Name : Postmaster Phone : +82-2-2105-6075 Fax : +82-2-2105-6100 E-mail : abuse () epnetworks co kr Regards, Mary Landesman Antivirus About.com Guide http://antivirus.about.com ----- Original Message ----- From: "Nick FitzGerald" asked:
OK -- is HSBC bank a large enough client of Microsoft's??
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Yahoo Instant Messenger Long Filename Downloading Buffer Overflow Tri Huynh (Jan 08)
- <Possible follow-ups>
- Yahoo Instant Messenger Long Filename Downloading Buffer Overflow Tri Huynh (Jan 08)
- Re: Yahoo Instant Messenger Long Filename Downloading Buffer Overflow Santos Rayes (Jan 08)
- 3 new MS patches next week... but none fix 0x01! Exibar (Jan 08)
- Re: 3 new MS patches next week... but none fix 0x01! S G Masood (Jan 08)
- Re: 3 new MS patches next week... but none fix 0x01! Michael Renzmann (Jan 08)
- RE: 3 new MS patches next week... but none fix 0x01! Poof (Jan 08)
- Re: 3 new MS patches next week... but none fix 0x01! Liu Die Yu (Jan 09)
- 3 new MS patches next week... but none fix 0x01! Exibar (Jan 08)
- Re: 3 new MS patches next week... but none fix 0x01! Nick FitzGerald (Jan 10)
- Re: 3 new MS patches next week... but none fix 0x01! Mary Landesman (Jan 10)