Home > stuff > Okay, this is a neat attack…

Okay, this is a neat attack…


This morning I received an email from my “administrator” saying that I needed to validate my email address within the next 48 hours or my email account would be suspended.  Seeing as how I’m my own email administrator, I couldn’t remember sending out such a message, I decided that this was likely spam.  I’m always interested in seeing how these attacks are actually going to be played out so I clicked on the link.

OWA Verify Screen

OWA Verify Screen

Neat, Microsoft-y looking screen!  And it looks like the backend is WordPress!  It looks like the attacker is using the account system in WordPress to collect the information.  When you submit your information for validation you get this response:

Your information was successfully submitted, please ensure that you entered your email details correctly; to enable us complete your security updates. If you have entered your details wrongly kindly click back and refill in details correctly.

N.B Please be informed that filling in the wrong details will be resulting to the deactivation of your email address.

I’m guessing my address will not be closed down, since I did not provide my correct email information.  I don’t know, maybe I’ll disable my own email… you know, just for the weekend.

Advertisements
Categories: stuff
  1. lsatenstein
    2014-08-22 at 09:53 EST

    You can tell it is spam, just by the wording. In India, they would say, “information entered wrongly,” but in the USA, the wording would be, “if information is incorrect”

    Rarely would you see, information entered incorrectly.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s