Jesper's Blog

Obligatory file photo:

Welcome to Jesper Johansson's blog. This is my home for pontification on the web. In case this is your first time here, I have been working on information security for about 20 years, and have been writing and speaking on the topic for about 10. I am also a Microsoft MVP in Windows Security.
My most recent book is the Windows Server 2008 Security Resource Kit . Because I am also a scuba instructor you may find some posts related to that topic as well. Just because it took me so long to get it, I also like to say that I have a Ph.D. in Management Information Systems from the University of Minnesota.

Phishing the Government

OK, so this is something I haven't seen before:

The criminals have now started phishing using the government as the lure (the IRS is the Internal Revenue Service, the U.S. tax department). Of course, the refund would have been far more compelling had it happened around the time when people file their tax returns in the U.S.

The site it goes to appears to be in Korea, but it also appears to be down. Most likely it was just some compromised computer somewhere.

One more odd thing struck me about this. As you see in the picture, Outlook 2007 detected this as a possible phishing message; but only on one computer. On my other computer it was just plain junk mail. That's a bit disconcerting. Apparently the phishing detection logic in Outlook is not consistent, even within versions.

Published 22 September 2007 09:38 AM by jesper

Comments

# mattmu said on 24 September, 2007 11:03 AM

I recently saw a case where a customer's IIS server had been hacked. The bad guys installed Apache and were apparently serving the pages to go along with this scam.

I still haven't figured out how the compromised took place, but I find it interesting that they'd install Apache on a box running IIS. But there were enough hits in the IIS logs to suggest that this really could be a very profitable venture for the bad guys.

Title (required)
Name: (required)
Website: (optional)
Comments (required)
Remember Me?

Search

This Blog

Home

Community

Syndication

News

The Windows Server 2008 Security Resource Kit is available!
. You can also order it as part of the whole Windows Server 2008 Resource Kit and save some money.
Or, if you need to know about Vista instead, there is:

If you need a more general approach to help you Protect Your Windows Network, there is a book for that too

There is now a mobile version of the blog.

All postings are copyright Jesper M. Johansson, in the year they were made. These postings are provided "AS IS" with no warranties, and confer no rights. All postings are the sole opinions of Jesper M. Johansson and do not reflect any official opinion of anyone else with whom the poster is affiliated or has been affiliated in the past. Use of included code samples is permitted for non-commercial use, with no warranties of fitness express or implied. All use of any information or code snippets posted in this blog at the user's sole risk. The blog site would like to thank www.ownwebnow.com and www.exchangedefender.com for their support.

Powered by Community Server (Commercial Edition), by Telligent Systems

Jesper's Blog

Phishing the Government

Comments

Leave a Comment

Search

This Blog

Tags

Community

Archives

Links

Syndication

News