[Dshield] E-mail verification request from pgp.com?
Valdis.Kletnieks at vt.edu
Mon Oct 3 03:08:58 GMT 2005
On Sun, 02 Oct 2005 15:19:02 PDT, Laurent Saplairoles said:
> and from a structural point of view this message looks legit (DN matches
> IP...). Nevertheless, it is very suspicious: I do not expect to receive this
> kind of message from eBay or my bank. Why would PGP, which is supposed to
> attest of my "identity" use what looks pretty much a phishing technique?
I got one of these as well, the headers look legit, and the URLs go to the
right place, and they don't collect any actual personal info. As far as I
can tell, they're just burping the public keyserver database to get rid of
old and bogus entries - the only info they're getting is "the e-mail address
the key points at is still valid and somebody validated they still want to be
listed in the public keyservers".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20051002/ed1a6652/attachment.bin
More information about the list