Home / mailingsPDF  

Websense

Posted on 16 March 2007
Websense Security Lab

Websense® Security Labs(TM) has received reports of a phishing attack that targets users of Virgin Media. Users receive a spoofed email message, which claims that their account must be updated because of a new database server, or else an account lockout will occur. The email provides a link to a phishing site that attempts to collect personal and account information.

This phishing site is hosted in the United States and was up at the time of this alert.

Phishing email text:

Dear Member:

We apologize if u had any trouble accessing our services. In the last month we have worked day and night, for the improvement of our services. We want to do our best, and make it as simple as possible for us, but especially for you, our valued customer. From the beginning of this year we have had a big number of solicitations and because of this it was necessary to replace the old database server with a new one, which has the information about our new clients, and where some of our clients are going to get moved. Please verify your information until March 20, 2007 and help us avoid the lock-out of your services. We require all old accounts to verify their information on file with us. To verify your account details now, please visit our secure server webform by clicking the hyperlink below:

<URL REMOVED>

If you choose to ignore our request, you leave us no choice but to temporary suspend your account.
We appreciate your business and hope to keep you as a customer for life.
Virgin Media Online is so easy; no wonder it's number one !
We apologize for any inconvenience.
Thank You for using Virgin Media.

Sincerely,
Virgin Media Billing Services

--------------------------------------------------------------------------------
How can I restore my account access?
Please update your billing here: Virgin Media Billing Services and complete the web form.

Completing all of the checklist items will automatically restore your account access.

©2007 Virgin Media Inc. All Rights Reserved


For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=753

 

TOP

Mailings :

Exploits :