[Dshield] Just received (phishing)

J Lake jlake at knoxcounty.midcoast.com
Fri Feb 3 11:53:44 GMT 2006

On Thursday 02 February 2006 02:04 pm, Aaron Lewis wrote:
> Phishing attempt for Town North Bank in Texas. I received an email linking
> me to a site asking for all the account information. I'm not a customer
> there but the URL I was lead to is

This reminds me to ask a question to the group: 

Someone in my organization was taken in by a phishing scam this week.
When I asked him about it further, I found out that the e-mail address that
the phish was sent to is not an address in general circulation. I think he 
fell for it because that address was used by the bank and only one or two
other people had it.

So my question to the group is, should I imply from this that the bank's
information was compromised in some way? It is a really small, local bank. I 
can't think of any other reason for someone to associate that bank and his 
uncirculated e-mail address without figuring that the bank either losing that 
information, or selling it. Can anyone help me understand this better?

Here was the link by the way, it's dead now:
> Please confirm your email by clicking the link below :
> http://cash4erotik.de/.p/Onlinebanking/

More information about the list mailing list