Search our Spoof Library...
Another Spoof Email and Phishing Scam report by MillerSmiles.co.uk - click this image to go to our home page.

Please Validate Your Screen Name (AOL)
27th May 2004

please forward any scams you've received to spoof@millersmiles.co.uk


Report Summary
Date Reported
27th May 2004
Apparent Sender
AOL
Return Address
SNVerify14477@aol.com <SNVerify14477@aol.com>
Subject
Please Validate Your Screen Name
Format
HTML
Method
link leads to a forged AOL web form - submitted form data is captured by a remote script
Bogus Web Content?
Yes
URL of web content
Spoofed - http://www.aol.com (you'll see this if your browser is vulnerable (see below)
True URL - http://geocities.com/verify_screen
** The URL in the email message is shown as http://www.aol.com@geocities.com/agree_aol which attempts to exploit the URL spoofing vulnerability in unpatched Internet Explorer browsers (which would incorrectly show http://www.aol.com in the address bar instead of the true URL)
(the presence of the '@' symbol in any link is a sign of a possible exploit of this vulnerability).
RISK LEVEL
Medium
WARNINGS

1. Exploits URL Spoofing (canonicalisation) in Internet Explorer browsers - run Windows Update to ensure your browser is patched.
2. The forged page is currently being forwarded to the genuine AOL domain - this has something to do with one of the scripts coded into the page - we are presently unsure of the reason why this is so, but it could be to add a sense of authenticity until email recipients come back later to enter details, or it could be that AOL have altered a script that they reference in their code to initiate the redirect.
3. The page is scripted and encoded to prevent viewing the source code - we were able to descramble this quite easily.
4. Other versions of this spoofed AOL email are in circulation, iincluding ...
Account Termination, Please Respond ASAP
Account Error #22936
Please Tend to This Urgent Matter
Account Error #12493

 

" JBzapioYvW4649: Dear AOL member, Hello, my name is Steve Baldger, on behalf of the AOL Security Department. We regret to inform you that there was detection of online abuse activity. "

 

If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.

 

The Spoof Email ...

Please Validate Your Screen Name (AOL)

 

The bogus web page ...

Please Validate Your Screen Name (AOL)

(the initial pop up message box, which will load the following forged page once the 'OK' button is pressed)

Please Validate Your Screen Name (AOL)

Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...
 

Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services...

Email Alerts
Add your email address to our email alert service...
Subscribe

Privacy Policy

RSS News Feed
Tap into our Scam Alert service using your News Reader or Aggregator (including My Yahoo!).
Scam Alert News Feed

You can even put the latest alerts on your own web site.

Click here to learn more about RSS News Feeds and our Scam Alert Service!

Resources links - use one of the links below to access more information on Spoof Email & Phishing Scams.

Library of Spoof Email Phishing Scams

Brief guide to Phishing

Full article on spoof email scams

Spoof URL Checker

Link Checker

Browser URL Spoofing Vulnerability Check

Latest browser bug aids Phishing Scams - beware!

Destinations - other resources available on the MillerSmiles.co.uk web site.

Click the arrow to return to previous page

Home

Guides...

Book Terminology

How to identify a first edition book

Auction Watcher

List of the main Auction Sites world wide