This is one of those times where either PGP/GPG or these digital ID things in Outlook/Outlook Express would come in handy. Not that I would expect normal users to bother to check to see if the sig is legit or not, considering these are the same people who seem to have no problem opening a zip file and running an exe in it (ala MiMail). -------------------------- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org ----- Original Message ----- From: "Daniel Roesen" <dr@cluenet.de> To: <nanog@merit.edu> Sent: Monday, November 10, 2003 2:30 PM Subject: Re: Email security issues

On Mon, Nov 10, 2003 at 01:10:42PM -0600, Adi Linden wrote:

...

I've just receives a nice email from my banker (ok, it claims to be from my banker) asking me to visit my banks website and confirm my email address. This email is by far the most convincing piece of fraud I received to date so far. The URL loads up the bank page plus a popup provoding a login. Looking at the source of the popup it revels that it

is

...

positively not a legit source and most likely used to harvest peoples access information.

Yep, got the same one. Quite a good fake. Even the faked Received: line has an IP from an IP block of this bank. The only "technical" thing which I saw when taking a quick look which showed the fake was the .edu relay inbetween.

Best regards, Daniel