https://newera17031.activehosted.com/index.php?action=social&chash=01e9565cecc4e989123f9620c1d09c09.2117&nosocial=1

觀點

駭客發釣魚mail給NetRegistry客戶 騙帳號和密碼

2010 / 03 / 15
魏紜鈴整理
駭客發釣魚mail給NetRegistry客戶 騙帳號和密碼

NetRegistry堪稱是澳洲最大的網域名註冊商和第二大虛擬主機代管公司,今天發佈公告,警告他們的客戶,有駭客從coras.com.br發出以「Please Update」為標題的電子郵件要求更新的假mail。
釣魚mail原文如下:
The phishing scam:

Subject: Please Update
From: Netregistry Account Billing support <fjbortolim@coras.com.br>
Date: Sun, 14 Mar 2010 23:18:16 +1100
Dear Netregistry  Subscriber,

We are currently verifying our subscribers Profile in order to increase the Efficiency of our mail features.Due to the congestion in all Profile users and removal of all unused Account, Netregistry  Will be shutting down all unused Profile,To Join in the Recent Upgrade Taking Place at Netregistry ,You must Reply to this email by Confirming your account details below,
UserName:
Password:
Failure to do this will immediately render your email address deactivated from our database.Thanks for using Netregistry ! We are sorry for any inconvenience.
Regards,
Netregistry  Customer Care Team.

駭客使用來自巴西的網域名針對澳洲大型網域託管公司NetRegistry的客戶進行攻擊,透過謀取客戶帳號和密碼,以發動惡意攻擊。該電子郵件要求NetRegistry的用戶提供戶名和密碼,以「驗證用戶的文件」為由,並警告說如果不這樣做會「使你的電子郵件地址停用」。

NetRegistry CEO Larry Bloch表示,目前尚不知有沒有用戶受到影響,但技術部門正在針對不正常的攻擊進行監測。他說:「我們已經有觀察到已經有一些釣魚攻擊是針對非金融帳戶,透過用戶的帳號與密碼不一定能夠帶給駭客直接經濟利益,但他們確實是可以使用帳戶上傳惡意軟體和使用連同被竊的信用卡資料來建立新的帳戶以執行其他惡意的詐欺行為。」

台北國際資訊安全科技展暨亞太資訊安全論壇