[Dshield] Banks Openly Inviting Email Fraud

Jon R. Kibler Jon.Kibler at aset.com
Mon Feb 23 22:58:09 GMT 2004

Samantha Fetter wrote:
> Good post, Jon.  Wow...
> I knew I had recently received an email from Capital One regarding my
> online statement being ready....
> Return-Path: <service at capitalone.bfi0.com>
> Received: from bigfootinteractive.com (arm110.bigfootinteractive.com
> [])
> From: Capital One <capitalone at capitalone.bfi0.com>
> I was a bit shocked to see it so skewed.
> Thanks,
> Samantha

A couple of question: 
 1) After having received the above email, if the message had contained 
    a link to go check your online statement, would you have clicked on 
    it without giving it a second thought?

 2) If the link that you clicked on had prompted you to enter your name,
    credit card number, and PIN in order to access your online statement,
    would you have done so without giving it a second thought?

Even if you hesitated to do so, imagine how many people would have readily
entered that information without giving any consideration to the potential
consequences of having done so! Especially, if they just received a prompt
dialog box with no URLs or anything else that may give an indication of a
bogus URL in action.

Thank you for helping me illustrate my point!

Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214

Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.

More information about the list mailing list