efax sends it own phishing email.? or java script I can't decode?

Sat, 21 Mar 2009 05:03:22 -0700

client got an html email (which was scored really high) due to the 'unable to obtain payment from your credit card' with a link to their web site where they advised client to log in and enter in new credit card information. 
neat (useless?) java script in email:
<html xmlns:c="http://java.sun.com/jstl/core"; xmlns:twa="mytags" xmlns:jsp="http://java.sun.com/JSP/Page"; xmlns:t="toTranslate"> 


initially I suspected it as just another phishing email, but best I can 
tell (unless there is some neat java stuff in the email), headers, 
typical phishing email designed to trick the gullable into putting in 
their credit card info), but I can't tell why this ISN'T efax's web site 
in the link:



Here are some convenient options for resolving this situation:
         </p>
<p class="middle">

<b>1. </b><a style="color: #036;" 
href="https://www.efax.com/en/efax/twa/login?VID=5&";><span>Log into your 
account to update or change your credit card information</span></a>



<a style="color: #036;" 
href="https://www.efax.com/en/efax/twa/login?VID=5&";><span>Log in to 
your account</span></a>

         to change your PIN or other account information.
       </p>
</div>

I'll post on pastebin. http://pastebin.com/m10c14b3a


 is this an incredibly cleaver phishing email that takes some 
javascript I can't see to change the destination url or just incredibly  
clueless people at efax? (who have in the past sent out your password 
reminder in plain text email, once a month)

(I also saw the customer number in the headers, I removed that)


their privacy statement says they respect your privacy:


j2 Global Communications, Inc. and its subsidiaries (the "Company", 
"we", "us" or "our") are dedicated to establishing trusting 
relationships with our users by respecting their personal identity and 
by promoting the use of fair information practices.



--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation

   * Certified SNORT Integrator
   * 2009 Hot Company Award Finalist, World Executive Alliance
   * Five-Star Partner Program 2009, VARBusiness
   * Best Anti-Spam Product 2008, Network Products Guide
   * King of Spam Filters, SC Magazine 2008

_________________________________________________________________________

This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.secnap.com/products/spammertrap/

_________________________________________________________________________






















					Reply via email to