Re: [Full-disclosure] Fwd: WSLabs, Phishing Alert: Internal Revenue (FAO Todd Towles)
- From: "GroundZero Security" <fd@xxxxxxx>
- Date: Thu, 15 Dec 2005 20:28:58 +0100
how offten do i need to tell you ? you are pathetic!
this just prooves that you are an idiot.
----- Original Message -----
From: "n3td3v" <xploitable@xxxxxxxxx>
Sent: Thursday, December 15, 2005 7:46 PM
Subject: [Full-disclosure] Fwd: WSLabs,Phishing Alert: Internal Revenue (FAO Todd Towles)
> Heres proof I have infulence over the biggest of corporations!
> ---------- Forwarded message ----------
> From: Websense Security Labs <DoNotReply@xxxxxxxxxxxxxxxxxxxxxxxx>
> Date: Dec 15, 2005 6:40 PM
> Subject: WSLabs, Phishing Alert: Internal Revenue Service
> To: xploitable@xxxxxxxxx
> Websense(r) Security Labs(TM) has received reports of a new phishing
> attack that targets American taxpayers and claims to be the Internal
> Revenue Service. Users receive a spoofed email message, which claims
> they may access and track their tax refund information online. Upon
> clicking the link in the email, users are taken to a fraudulent
> website. The fraudulent website prompts users for their first and last
> name, social security number, mailing and email address, credit card
> number, CVV2, and ATM pin.
> This phishing site is hosted in Italy and was down at the time of this alert.
> Phishing email:
> *Subject:* Refund notice
> You filed your tax return and you're expecting a refund. You have just
> one question and you want the answer now - Where's My Refund?
> Access this secure Web site to find out if the IRS received your
> return and whether your refund was processed and sent to you.
> **New program enhancements** allow you to begin a refund trace online
> if you have not received your check within 28 days from the original
> IRS mailing date. Some of you will also be able to correct or change
> your mailing address within this application if your check was
> returned to us as undelivered by the U.S. Postal Service. "Where's My
> Refund?" will prompt you when these features are available for your
> To get to your refund status, you'll need to provide the following
> information as shown on your return:
> * Your first and last name
> * Your Social Security Number (or IRS Individual Taxpayer
> Identification Number)
> * Your Credit Card Information (for the successful complete of the
> Okay now, **Where's My Refund
> <LINK DELETED>
> Note: If you have trouble while using this application, please check
> the Requirements
> <http://www.irs.gov/individuals/article/0,,id=96582,00.html> to make
> sure you have the correct browser software for this application to
> function properly and check to make sure our system is available
> Phishing screenshot available with full alert.
> For additional details and information on how to detect and prevent
> this type of attack:
> Websense Security Labs discovers and investigates today's advanced
> internet threats and publishes its findings enabling
> organizations to best protect employee computing environments from
> increasingly sophisticated and dangerous internet threats.
> To unsubscribe: http://www.websensesecuritylabs.com/unsubscribe
> FAQs: http://www.websensesecuritylabs.com/about/
> Download a free 30 day trial: http://www.websense.com/downloads/SecurityLabs/
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: [Full-disclosure] Re: OT: Amazing, the Diebold insider said.
- Next by Date: Re: [Full-disclosure] A CALL FOR FULL-DISCLOSURE TO BECOME A MODERATED LIST
- Previous by thread: Re: [Full-disclosure] Fwd: WSLabs, Phishing Alert: Internal Revenue (FAO Todd Towles)
- Next by thread: Re: [Full-disclosure] Fwd: WSLabs, Phishing Alert: Internal Revenue (FAO Todd Towles)