So I was checking my Charter webmail and I saw this email:
Protect Your valid Charter Account
Well, gosh... I have a valid Charter account! Also, the use of gratuitous capitalization must mean that this is both important and legitimate! Let's look inside:
Goodness! Apparently, nobody at Charter can do a simple SQL query to see if email users have logged into their email accounts within an arbitrary amount of time. The aggressive use of capitalization MUST Mean It Is a Legitmate Email about my CHARTER account... right? Boy, I sure do thank them for sending this and I am more than happy to the three pieces of information required for them to log in to my account... even though they have that information already.This mail is to inform all our CHARTER users that we will be
maintaining and upgrading our website in a couple of days from now.As
a Subscriber you are required to send us your Email account details
to enable us know if you are still making use of your mailbox. Be
informed that we will be deleting all mail accounts that is not
functioning to enable us create more space for new subscribers, You
are to send your mail account details which are as follows:
User name:
Password:
Service Address Zip Code:
Failure to do this will immediately render your email address
deactivated from our database.
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
a Subscriber you are required to send us your Email account details
to enable us know if you are still making use of your mailbox. Be
informed that we will be deleting all mail accounts that is not
functioning to enable us create more space for new subscribers, You
are to send your mail account details which are as follows:
User name:
Password:
Service Address Zip Code:
Failure to do this will immediately render your email address
deactivated from our database.
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Sigh. What a pathetic phishing attempt. Because Charter's abysmal webmail client sucks so much I can not look at the headers and launch a DoS attack against the originating IP. Some people want to rob me of all fun. Luckily, I had the presence of mind to hit "reply" and will ya look at that! This was in the To: field:
service.eng@msn.com
Of course, the info@charter.net was in the CC: field, which was who the email was allegedly from. So, yeah, this was a feeble attempt at harvesting email accounts on Charter, so watch out!
I think I am going to write an email bot and flood that account with messages, then contact MSN to let them know what's up.
One more time:
service.eng@msn.com is a stupid phisher
No comments:
Post a Comment