On a very slow day the majority of the messages that reached us were about phishing. It consisted of the usual phishing for ebay, amazon, ... accounts, but one jumped up that was somewhat unusual:
Suliman brought a phishing attempt to our attention that was written in Arab aiming at a bank out there and diverting the clicks to http://www_sambaonlineaccess_com/ instead of the bank's http://www.samba.com/ normal address. According to the submitter -I can't read Arab- it was linked to an online registration of a large IPO for a chemical company.
Aside of the IPO relation, it was also noteworthy because of the language used (Arab) and of the location of the server where the clicks were directed to: Israel. I cannot help to note that at the very least this is quite provocative.
The website supposedly collecting the information wasn't responding at time I tried to look at it, which might be a good sign after all.
The lesson for the end users remains the same: never follow links you get in email. If possible turn off the rendering of HTML for email, it's a serious risk from a security perspective.
The warning for those of us fighting abuse is also clear.
Dec 26th 2005
1 decade ago