InfoSec Handlers Diary Blog - Spot the Phish: Verizon Wireless

SANS ISC: InfoSec Handlers Diary Blog - Spot the Phish: Verizon Wireless

SANS Site Network
- Current Site
- Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

InfoSec Handlers Diary Blog

Spot the Phish: Verizon Wireless

Published: 2012-06-14
Last Updated: 2012-06-14 17:16:12 UTC
by Johannes Ullrich (Version: 1)

We have seen a couple of reports recently of pretty well done Verizon Wireless phishing attempts. At this point, I haven't gotten one with the target site still up, so they may try to install malware instead of just asking for Verizon credentials.

update: Paul just wrote in that he caught some of the links still active, and indeed they are trying to install malware and don't ask for credentials. And fellow handler Pedro notes that the malware is a blackhole exploit kit that will try to install Zeus.

See if you can spot the fake one. The answer is below the images (click to open image in new window at full resolution)

The left one is the fake. The only give away is that the fake e-mail doesn't include the partial account number, and typically indicates a large bill > $1,000 (at least large for me). I assume the large amount is supposed to cause panic clicking.

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: phishing verizon

16 comment(s)

Top of page

Diary Archives