Skip to content

Important: Watch out for a new Hoax email.

Featured Replies

We have had this email, pasted below sent to a number of our users today, from outside and it reads as though the IT department sent it. The subject line appears to vary slightly from the theme, as does the message body and URL but the gist is the same.

Attention!

On October 16, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.

The changes will concern security, reliability and performance of mail service and the system as a whole.

For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.

This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That's all.

Thank you in advance for your attention to this matter and sorry for possible inconveniences.

System Administrator

it seems to be new today, so keep your eyes peeled.

A better than average effort.

I like the opening:

ATTENTION!

There's no way anyone I know in IT has that kind of assertiveness! :rofl:

I dunno, I can imagine enough people would be stupid enough to click it and have some new trusted certificates installed so that somebody can run nasty things through the net.

Was the link a set of trusted certs, a binary or something else?

Anyone else getting belted with the fake HMRC mails that try to get the user to install a trojan?

  • Author

This is the URL link, but heavily modified so it does not work.

http://updates..secure.???????.???/core/id=744342229599--patch5072938.aspx

The domainname is your domain name, and the email address is your address. the ????? I have removed to break the link.

One of our customers called about this yesterday, it's a pretty good email and I think it will catch quite a few people out. Told him to forward it on to our IT fella to have a look at.

I like the way they get the company domain name in there to make it seem kosher.

:thumbup: Thanks for the heads up on that, as someone said actually better than the usual efforts!

Theres some very clever phishing emails going around at the moment.

Where i work, we are getting the following......

From: [email protected] [mailto:[email protected]]

Sent: 14 October 2009 15:21

To: [email protected]

Subject: For the owner of the [email protected]. e-mail account

Dear user of the company.com mailing service!

We are informing you that because of the security upgrade of the mailing service your mailbox ([email protected]) settings were changed In order to apply the new set of settings click on the following link:

http://company.com/owa/service_directory/[email protected]&from=company.com&fromname=ttest2e07d7 (Hyperlink Removed)

Best regards, company.com Technical Support.

These Phishers are getting soo much better at what they do!

Hmmm, I never use that many ! in these sorts of emails :)

Mainly because they're really boring and nothing to get excited about ;)

But yes, pretty good efforts there. I'll certainly keep an eye out.

Cheers,

Steve

We (Company i work for) have found this spam been sent to users! And some have clicked on the link and launched the exe! Luckily the McAfee has blocked the attempted password logger and deleted it. We have also seen traffic blocked on the firewall going direct to the url's IP (in China). we have blocked the urls (multiple) at the proxy's and blocked the IP on the firewalls, etc...Not too sure on any damage yet!

This is the URL link, but heavily modified so it does not work.

http://updates..secure.???????.???/core/id=744342229599--patch5072938.aspx

The domainname is your domain name, and the email address is your address. the ????? I have removed to break the link.

We're getting it too. It's pretty good as far as phishing mails go.

Like a similar sort of phone call - "You have won first prize in the xxx prize draw -press 9 to connect to the main site " - and in turn you'r connected to some offshore site at £1.5 a min to tell you about some worthless prize .

RING A BELL ??

I heard that "losing" an USB-Stick with malware on the companys parking lot is more efficient if you have serious intentions... ;)

There is another one doing the rounds from friend's hotmail accounts asking you for your email and password to see who has blocked you from MSN Messenger. Got one from an Italian friend who does not speak much English so knew it was not from him.

I heard that "losing" an USB-Stick with malware on the companys parking lot is more efficient if you have serious intentions... ;)

Yes read about a pen test company that did it successfully. (l)users are stoopid:thumbdwn:

There is another one doing the rounds from friend's hotmail accounts asking you for your email and password to see who has blocked you from MSN Messenger. Got one from an Italian friend who does not speak much English so knew it was not from him.

I get that too but I delete it as I dont really want to know who has blocked me on msn anyway!!!

Create an account or sign in to comment

Recently Browsing 0

  • No registered users viewing this page.

Important Information

Welcome to BRISKODA. Please note the following important links Terms of Use. We have a comprehensive Privacy Policy. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

Account

Navigation

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.