[OWASP-Bangalore] India Income Tax Mail and Phishing Site

Rajiv Vishwa rajivvishwa at gmail.com
Mon Oct 19 02:49:22 EDT 2009

Hi Guys,

Today I received a mail from the sender ‘India Tax Departament’ that I am
yet to receive the tax refund amount. The first this I did was to check the
sender email id and it was from ‘*wnrlky at aol.com*‘. I can assume that this
id has been long used for phishing attacks (the id resembles ‘winnerlucky’).

Knowing that this is a phishing mail I wanted to check the link which was
embedded. The site to which I was redirected was surprisingly similar to the
actual India IT site. The site contained a form which accepts the credit
card and other details.

Please check this page for the complete details :

Rajiv Vishwa
AppSec Consultant |

Chat Google Talk: rajivvishwa
Contact Me [image: Linkedin] <http://www.linkedin.com/in/rajivvishwa>[image:
Facebook] <http://www.facebook.com/people/Rajiv-Vishwa/503613464>[image:
Youtube] <http://www.youtube.com/user/rajivvishwa>[image:
del.icio.us] <http://delicious.com/rajivvishwa>[image: Blog
a4apphack.com Indian Income Tax Phishing
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20091019/5b309c6e/attachment.html 

More information about the OWASP-Bangalore mailing list