[Dshield] Banks Openly Inviting Email Fraud
Jon R. Kibler
Jon.Kibler at aset.com
Mon Feb 23 22:58:09 GMT 2004
Samantha Fetter wrote:
> Good post, Jon. Wow...
> I knew I had recently received an email from Capital One regarding my
> online statement being ready....
> Return-Path: <service at capitalone.bfi0.com>
> Received: from bigfootinteractive.com (arm110.bigfootinteractive.com
> From: Capital One <capitalone at capitalone.bfi0.com>
> I was a bit shocked to see it so skewed.
A couple of question:
1) After having received the above email, if the message had contained
a link to go check your online statement, would you have clicked on
it without giving it a second thought?
2) If the link that you clicked on had prompted you to enter your name,
credit card number, and PIN in order to access your online statement,
would you have done so without giving it a second thought?
Even if you hesitated to do so, imagine how many people would have readily
entered that information without giving any consideration to the potential
consequences of having done so! Especially, if they just received a prompt
dialog box with no URLs or anything else that may give an indication of a
bogus URL in action.
Thank you for helping me illustrate my point!
Jon R. Kibler
Chief Technical Officer
Charleston, SC USA
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
More information about the list