Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Spammer Makes a Funny | Main | Empty Medz »

July 17, 2008

Phisher Sniffing Out Moola

I hadn't even heard of Digital Insight until I started getting a series of phishing emails like the following:

From: account-updates@digitalinsight.com
Subject: Read carefully - Important Notification

Dear Administrator,

We inform you that your account is about to expire. It is strongly recommended to update it immediately. Update form is located here <http://digitalinsight.ebanking-[removed].com/onlineserv/CM/> . However, failure to confirm your records may result in account suspension.

Confidential: Please be advised that the information contained in this email message, including all attached documents or files, is privileged and confidential and is intended only for the use of the individual or individuals addressed. Any other use, dissemination, distribution or copying of this communication is strictly prohibited. This is the automated message. Please don't reply.

From what I can gather at the legitimate web site for the company, it provides software and services to financial institutions so that those institutions can offer online banking. In other words, the customers aren't consumers, but financial institutions. The company claims to have nearly 1800 customers, almost all of which must have at least a modicum of interest in online security.

Thus, it seems odd to me for a phisher to try to spew phishing spam willy-nilly in the hopes of finding not only one of the 1800 customers, but to also find one who is gullible enough to fall for a phishing message. On the other hand, I've received phishing emails for tiny regional banks in the past, so this isn't completely out of the ordinary.

Perhaps the phisher is under the impression that because Digital Insight is an Intuit company that the login credentials might also work at an Intuit account. Kind of a stretch to me, but then I'm not a crook (jowls wobbling Nixonesquely).

The links for the several phishing messages I've seen lead to freshly minted domains whose (gotta be bogus) whois records list a variety of Russian and neighboring country addresses. The phisher is also having a helluva time getting the sites to work, or work for long. But he's still trying.

It reminds me of a story that Dr. Murray Banks, a comedian-psychiatrist, used to tell about a child who was unstintingly optimistic. When his parents gave him a box of horse dung as a Christmas present, he dove headlong into the contents and clawed his way through the muck, yelling, "You can't fool me...I know there's a pony in here somewhere!"

Posted on July 17, 2008 at 09:35 AM