Security Incidents mailing list archives

Re: New Phishing Technique?


From: Valdis.Kletnieks () vt edu
Date: Fri, 17 Mar 2006 20:49:10 -0500

On Fri, 17 Mar 2006 14:59:39 EST, Mace.Scott () tatravelcenters com said:
> A couple of phishing emails got through our spamassassin/clamav filter here
> at work, and through to my gmail account, damn near simultaneously.  Both
> with very different text, and different urls.  Now clamav is generally
> very capable of stopping phishing attacks, so I'm surprised these made it
> through.  More interesting is the fact one got through Gmail as well. And
> it's very obviously a phish.  Here's the text of the email (I added 11111 to
> the end of the url to guard against accidental clicking):
> Incidentally, Lotus Notes complains of an untrusted certificate when the
> email is opened.
>
> Dear Chase account holder,

Looks like a pretty stock phish to me.  It would have helped immensely if you
had posted the original as you received it, complete with any obfuscating
Javascript/etc, so we could figure out how it managed to get through.

If you're worried about posting it to the list, forward it directly to me
(preferably as a message/rfc822 attachment with all the headers and all) and
I'll forward it to the appropriate people who are chasing down phishes.
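
The packaging requested in the reply above, as an added example that is not part of the original post: wrapping a saved message in a message/rfc822 part with Python's standard email package so that every header and body byte reaches the analyst unchanged. The sample message, the addresses and the function names are constructed for illustration.

```python
from email import message_from_bytes
from email.generator import BytesGenerator
from email.mime.message import MIMEMessage
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.policy import compat32
from io import BytesIO

# Constructed sample standing in for a phish saved exactly as received.
RAW_SAMPLE = (
    b"Received: from mail.example.net (mail.example.net [192.0.2.10])\r\n"
    b"\tby mx.example.org; Fri, 17 Mar 2006 14:00:00 -0500\r\n"
    b"From: \"Account Services\" <support@example.net>\r\n"
    b"To: user@example.org\r\n"
    b"Subject: Account notice\r\n"
    b"MIME-Version: 1.0\r\n"
    b"Content-Type: text/html; charset=us-ascii\r\n"
    b"\r\n"
    b"<html><body>\r\n"
    b"From now on you must confirm your details:\r\n"
    b"<a href=\"http://phish.example.invalid/login\">your bank</a>\r\n"
    b"</body></html>\r\n"
)

def wrap_as_rfc822(raw: bytes, sender: str, recipient: str) -> bytes:
    """Return a report whose attachment is the untouched original message."""
    # compat32 keeps parsed header values verbatim instead of refolding them.
    original = message_from_bytes(raw, policy=compat32)
    report = MIMEMultipart("mixed")
    report["From"], report["To"] = sender, recipient
    report["Subject"] = "Phishing sample (original attached)"
    report.attach(MIMEText("Original attached as message/rfc822.\n"))
    report.attach(MIMEMessage(original))
    out = BytesIO()
    # mangle_from_=False: do not rewrite body lines that start with "From ".
    gen = BytesGenerator(out, mangle_from_=False,
                         policy=compat32.clone(linesep="\r\n"))
    gen.flatten(report)
    return out.getvalue()

def attached_header_names(wrapped: bytes) -> list:
    """Header names of the first message/rfc822 part, in original order."""
    for part in message_from_bytes(wrapped, policy=compat32).walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0).keys()
    return []
```

Checking that the raw sample appears byte-for-byte inside the wrapped report confirms that neither the Received chain nor the body markup was rewritten on the way out.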
