[OWASP-Bangalore] India Income Tax Mail and Phishing Site

Rajiv Vishwa rajivvishwa at gmail.com
Mon Oct 19 02:49:22 EDT 2009


Hi Guys,

Today I received a mail from the sender ‘India Tax Departament’ that I am
yet to receive the tax refund amount. The first this I did was to check the
sender email id and it was from ‘*wnrlky at aol.com*‘. I can assume that this
id has been long used for phishing attacks (the id resembles ‘winnerlucky’).


Knowing that this is a phishing mail I wanted to check the link which was
embedded. The site to which I was redirected was surprisingly similar to the
actual India IT site. The site contained a form which accepts the credit
card and other details.

Please check this page for the complete details :
http://a4apphack.com/index.php/featured/indian-income-tax-phishing-site

Regards,
Rajiv Vishwa
AppSec Consultant |

---------------------------------------------------------------
Chat Google Talk: rajivvishwa
Contact Me [image: Linkedin] <http://www.linkedin.com/in/rajivvishwa>[image:
Facebook] <http://www.facebook.com/people/Rajiv-Vishwa/503613464>[image:
Youtube] <http://www.youtube.com/user/rajivvishwa>[image:
Twitter]<http://twitter.com/rajivvishwa>[image:
del.icio.us] <http://delicious.com/rajivvishwa>[image: Blog
RSS]<http://feeds.feedburner.com/a4apphack>
a4apphack.com Indian Income Tax Phishing
Site<http://feedproxy.google.com/%7Er/a4apphack/%7E3/hfju_xd7b2A/indian-income-tax-phishing-site>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20091019/5b309c6e/attachment.html 


More information about the OWASP-Bangalore mailing list