Monday, May 2, 2011

Don't use the link to check your mailbox storage limits

This is more of a phishing scheme than a spam scam, but it's worth commenting nonetheless. The headers show that the message was sent via a hacked mailbox belonging to a school administrator in Indianapolis. The link following the "click here" goes to a login form hosted on, a financial services management company in Scottsdale, Arizona; it looks like someone infiltrated their server to deposit the form.

The form itself asks for your username, password and other personal identifiers -- which, of course, are sent right to the hackers.

Two lessons to be learned here:

First, protect your email account and server. Someone in Indianapolis messed up by letting his/her mailbox be hacked, and so did someone at Baron Capital.

Second, even if the email looks legit, don't click links!

From: "Kathy Rieke"
Date: May 2, 2011 2:12:00 AM PDT
Subject: Your Mailbox Has Exceeded It Storage Limit

Your Mailbox Has Exceeded It Storage Limit As Set By Your Administrator, And You Will Not Be Able To Receive New Mails Until You Re-Validate It. To Re-Validate - > Click Here: (link suppressed)

System Administrator.

This e-mail and any attachments are from a sender at the Metropolitan School District of Washington Township in Indianapolis, Indiana. They are intended for the named recipients and may contain information that is confidential or privileged under Indiana and Federal Law. Any error in addressing or sending this e-mail is not a waiver of confidentiality and does not consent to copying or distribution of this e-mail or attachments. If you receive this e-mail in error, please notify the sender of the error by return e-mail and delete this e-mail and its attachments. If there is a need to speak to the sender, please call [317] 845-9400 and they can provide you with contact information.

No comments:

Post a Comment