[Owasp-Malaysia] [Phishing] Fwd: Very Important Updates

David Fetter david at fetter.org
Sun Dec 5 23:18:24 EST 2010


Is it really necessary to warn people on this list that an email or
any other communication, no matter how official-looking or where it
appears to originate, requesting their credentials should be treated
as phishing until proven otherwise?

Perhaps putting together a course with the basics could
help...although I've seen a lot of people claiming to be security
experts give really truly horrible advice based on voodoo and just
plain silliness.  "Change your password frequently" would be one
example of such bad advice.

Cheers,
David.
On Mon, Dec 06, 2010 at 08:20:56AM +0800, Harisfazillah Jamel wrote:
> Assalamualaikum and salam sejahtera,
> 
> carefull friends, this is a phishing email that want your Google
> Account Password.
> 
> 
> ---------- Forwarded message ----------
> From: Google_Data/info.rqr at gmail.com <googlleinfodetailsregr at gmail.com>
> Date: Mon, Dec 6, 2010 at 4:14 AM
> Subject: Very Important Updates
> To:
> 
> 
> We just need to verify your account before we can assure you of our
> new webmail secure server system.
> Account verification helps with preventing spam. Recovering account
> access: we will use your information to verify your identity if you
> ever lose access to your account.  To prevent your account from
> disability, you will have to provide your login details below for
> verification and confirmation purpose on the new database system.
> 
> Your User’s Name:
> 
> Password:
> 
> Current Country:
> 
> Warning!!! Account owner that refuses to provide the full details
> above within Seven days of receiving this warning will lose his or her
> account permanently.
> 
>  For more information, please read our frequently asked questions.
> The Google Team.
> 
> --------- Email Header -----
> 
> 
> Delivered-To: linuxmalaysia at gmail.com
> Received: by 10.231.117.230 with SMTP id s38cs101391ibq;
>         Sun, 5 Dec 2010 12:14:41 -0800 (PST)
> Received: by 10.150.219.3 with SMTP id r3mr4507084ybg.240.1291580080884;
>         Sun, 05 Dec 2010 12:14:40 -0800 (PST)
> Return-Path: <fst at herrys.info>
> Received: from p3plwbeout13-03.prod.phx3.secureserver.net
> (p3plsmtp13-03-2.prod.phx3.secureserver.net [173.201.192.166])
>         by mx.google.com with SMTP id q23si10629692ybk.28.2010.12.05.12.14.40;
>         Sun, 05 Dec 2010 12:14:40 -0800 (PST)
> Received-SPF: neutral (google.com: 173.201.192.166 is neither
> permitted nor denied by best guess record for domain of
> fst at herrys.info) client-ip=173.201.192.166;
> Authentication-Results: mx.google.com; spf=neutral (google.com:
> 173.201.192.166 is neither permitted nor denied by best guess record
> for domain of fst at herrys.info) smtp.mail=fst at herrys.info
> Received: (qmail 3898 invoked from network); 5 Dec 2010 20:14:40 -0000
> Received: from unknown (HELO localhost) (10.6.247.7)
>   by p3plwbeout13-03.prod.phx3.secureserver.net with SMTP; 5 Dec 2010
> 20:14:36 -0000
> Received: (qmail 5983 invoked by uid 99); 5 Dec 2010 20:14:36 -0000
> Content-Transfer-Encoding: quoted-printable
> Content-Type: text/html; charset="utf-8"
> X-Originating-IP: 41.30.224.160
> User-Agent: Web-Based Email 5.2.41
> Message-Id: <20101205131436.b72153d6b5f308abe9d0b44d8e1fb3cf.6e30167f44.wbe at email13.secureserver.net>
> From: "Google_Data/info.rqr at gmail.com" <googlleinfodetailsregr at gmail.com>
> X-Sender: fst at herrys.info
> To:
> Subject: Very Important Updates
> Date: Sun, 05 Dec 2010 13:14:36 -0700
> Mime-Version: 1.0
> 
> 
> -- 
> I love Aardvark! Join my network so we can help each other out...
> http://vark.com/s/foGQ
> 
> My Facebook
> http://www.facebook.com/linuxmalaysia
> 
> My Blog
> http://blog.harisfazillah.info/
> 
> My Network
> http://www.facebook.com/Bukan.Sekadar.Internet.Sahaja
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> 
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
> 
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420

-- 
David Fetter <david at fetter.org> http://fetter.org/
Phone: +1 415 235 3778  AIM: dfetter666  Yahoo!: dfetter
Skype: davidfetter      XMPP: david.fetter at gmail.com
iCal: webcal://www.tripit.com/feed/ical/people/david74/tripit.ics

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate


More information about the Owasp-Malaysia mailing list