Wednesday, September 16, 2009

Lame ph1sh1ng attempt

I opened my e-mail today and apparentely I need to update the Chase account that I dont have. Fair enough? I figured I will analyze the link I'm told to click on and get excited wondering what new and interesting javascript lies within the link or what interesting technique the attacker has sent my way.

Instead, I find a lame replica page.

The link brings you to

I haven't clicked on the link to actually observe the site but just based off the lameness of this attack I thought it deserved some ridiculing and nothing more.

The one thing I can say for the e-mail is the grammar was much better than a lot of the other e-mails sent my way. If the goal of the attacker is not to distribute malware but is actually to capture usernames and passwords from current Chase members please please give me your stats! I'd like to say that nobody would fall for this but I believe otherwise.


No comments: