Security >>
Vulnerabilities (2008) >>
2008/11/01
On Saturday, November 1st, 2008 several users received spear
phishing attacks inviting them to reveal their passwords as follows:
Date: Sun, 2 Nov 2008 01:58:44 +0100 (CET)
Subject: CONFIRM YOUR EMAIL IDENTITY FOR UPGRADE/MAINTENANCES
From: "WEBMASTER ALERTS"
Reply-To: webmaster01@webmail.co.za
To: undisclosed-recipients:;
UWATERLOO.CA WEBMAIL UPGRADE 2008 EDITION NOTIFICATION!!!
================================================
Dear UWATERLOO.CA Subscriber,
This message is from the UWATERLOO.CA Webmail users messaging center to
all UWATERLOO.CA Webmail subscriber. We are currently upgrading our
web/data base and carrying out maintenances of all our e-mail accounts in
order to reduce the rate of spam mails. We are also deleting all unused
UWATERLOO.CA Webmail account to create more space for new accounts.
WE are also upgrading our database storage facility without shutting down
the old Server(NT06717) to a new and better Server(NT21766),hence the
reason for the request and notification.
We apologize for any inconvenience this will cause our respected email users.
To prevent your account from being closed unnecessarily, you will have to
update us with the following informations below
in order to know it's a present used account and to also facilitate
maintenance operation.
CONFIRM YOUR EMAIL IDENTITY BELOW
1.Full Email Address................
2.Password:...............
3.Username.......................
4.Age/Country:.................
5.Date Of Birth:................
6.First name/Last name:.............
It is secure and safe and you can change your information 72 hours after
you receive email from us of confirmation.
Warning Code:VX2G99AAJ
Warning!!! Subscriber that refuses to UPGRADE his or her account immediately
in receipt of this warning will lose his or her account permanently.
Thank you for using UWATERLOO.CA Webmail!
Sincerely,
Customer Care Unit.
Webmaster Alerts Team.
C2008 Time Warner Cable Webmail All rights reserved.
There are several aspects of this email that are suspicious:
- Support staff will never ask for your password under any circumstances.
- UW Campus support staff should never use a foreign email account such as webmaster01@webmail.co.za.
- The grammar in this phishing email is sub-par; official communications are carefully worded.
If you have any questions/concerns or need help please let us know.
