19th February 2004
text with a
link to forged
Spoofed Web page/site?
Web page/site origin
See our guide to
See our guides to
Additional verification - Phishing Scam
19th February 2004
Your AT&T account has been chosen for random verification...
read also our brief guide to Phishing
This AT&T email (see image below) is a forgery which
contains a disguised link to a forged web page which aims to convince
users to give up their financial information.
The forged web page was being hosted in Cyber World
Internet Service's web space and has been removed already. The link further utilises
the URL spoofing vulnerability that exists in unpatched versions of Internet
Explorer. This bug allows the URL (in the browser address bar) to be spoofed
- for instance, www.ebay.com could be shown while a forged page at a completely
different URL would be shown in the browser window. Please ensure that you run
Windows Update to patch your version of Internet Explorer.
This bug has been increasingly exploited by email scammers
in the last 4 to 6 months, and they continue despite Microsoft's recent patch.
The vulnerability allows a fake URL to be shown in the status bar of Microsoft
Outlook and browser products (while holding the cursor over the link). We have
set up a Browser
Test cloaked link which you can use to see if your browser is vulnerable.
You can also check links in emails or web pages for cloaking using our Link
Checker, and you can check for URL spoofing while at a web page using
Checker (which will also reveal the true origin of the web page that
you are viewing).
informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...
Add your email address to our email alert service...
Tap into our Scam Alert service using your News Reader or Aggregator (including
Scam Alert News Feed
You can even put the latest alerts on your own web
you have received this email, please remember that it is very common for these
email scams to be redistributed at a later date with only slightly different
content or the same but with the fake page(s) hosted by a different provider.
Also, once you have received one of these hoaxes, it is also common place to
receive at least another one and usually a day or two after the first, although
not necessarily from the same apparent sender.
Take a good look at the following images, because
this email scam may be coming to an inbox near you!
The Email ...