phishing.

[sean.ferguson]

i thought that if people posted the emails that they recieve, that they know are hoaxes then it may help educate users and stop the growing threat.

I received this, this afternoon.

Dear xxxx@xxxxxx.xx.xx,

We recently have determined that different computers have logged onto your Online Banking account, and multiple password failures were present before the logons. We now need you to re-confirm your account information to us. If this is not completed by March 28th, 2005, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner. 

To confirm your Online Banking records click here: 
https://login.personalwamu.com/logon/logon.asp?dd=1&Update&Your&Info 




Thank you for your patience in this matter.



Washington Mutual Customer Service


Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered. 

Copyright 2004, Washington Mutual, Inc. All Rights Reserved. 



--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.8.4 - Release Date: 27/03/2005

the giveaways, its all in text bar one image near the top (excluded from this copy/paste). It refers to me as my full email address. The link looks suspect even before any further investigation. Looking at whois info for the domain, the details look suspect and the contact mail is an excite.com mailing address. Also the fact that i personally have never had any dealings and never even heard of any "Washington Mutual Inc."

Be aware, phishers will go to any lengths to catch you out. Not all phishing mails are simple text mails.