Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« An Email From Hillary Clinton | Main | Why I Never Unsubscribe »

November 30, 2009

Sears Card Phishing

A Sears card lets one shop at Sears and Kmart, both in brick-and-mortar and online stores. If you have a Sears card and yield to the tricks of one of today's phishers, you will hand over your account to someone capable of having a real shopping spree. Moreover, if your login credentials are the same for your Sears card and other major banking one e-commerce sites, you and your credit history could be in for a world of hurt.

Here's the simple Sears phishing missive seen today:

From: Sears Card
Subject: You have one new message from Sears Card

You have 1 new message
Please log-in to your Sears Card account.
Your Internet Banking Account may be locked.

Please identify yourself by visiting our Online Banking service:

Sears Card ONLINE

© 2009 Sears Card Online. All rights reserved.

The destination URL redirects to a site whose domain was registered waaaay back earlier today. And the page is a complete ripoff of the actual Sears Card page, including the same HTML errors as the original.

BTW, Sears Card is managed by Citibank. When there's a problem with your Sears Card account, Citibank goons are the ones who come after you.

Posted on November 30, 2009 at 10:37 AM