A stupid phishing attempt is underway!
By Ryan on Thursday 15 October 2009, 15:39 - alert - Permalink
Hello,
We have heard from many of our customers that they have been receiving phishing emails.
These mails take the following form:
The phishing scheme seems idiotic at first, because the clickable URL uses your own domain name.
In reality, however, the link is not the real link, which points to an external server, and asks you to perform a download, which seems to be a version of a known trojan called Zeus/Zbot.
The server(s) in question is/are already registered in the various anti-phishing systems.
In any case, we recommend that you continue to remain vigilant, since one stupid phishing attempt can hide another !
We will take this opportunity to remind you of the basic rules of use.
You must always verify when you enter your password that you are on Gandi's website, our SSL certificate is an EV Business certificate, and is Green in your web browser's address bar. It is not possible for an idiot internet criminal to get one of these (at least, not yet...).
We have heard from many of our customers that they have been receiving phishing emails.
These mails take the following form:
Dear user of the yourdomain.com mailing service!
We are informing you that because of the security upgrade of the mailing service your mailbox (you@yourdomain.com) settings were changed. In order to apply the new set of settings click on the following link:
http://yourdomain.com/owa/service_directory/settings.php?email=you@yourdomain.com%from=yourdomain.com%fromname=vous
Best regards, yourdomain.com Technical Support
The phishing scheme seems idiotic at first, because the clickable URL uses your own domain name.
In reality, however, the link is not the real link, which points to an external server, and asks you to perform a download, which seems to be a version of a known trojan called Zeus/Zbot.
The server(s) in question is/are already registered in the various anti-phishing systems.
In any case, we recommend that you continue to remain vigilant, since one stupid phishing attempt can hide another !
We will take this opportunity to remind you of the basic rules of use.
You must always verify when you enter your password that you are on Gandi's website, our SSL certificate is an EV Business certificate, and is Green in your web browser's address bar. It is not possible for an idiot internet criminal to get one of these (at least, not yet...).