Accounts Security Alert
Joe Holden
joe at joeholden.co.uk
Mon Jul 31 11:37:02 UTC 2006
Julian H. Stacey wrote:
> We, hardware at freebsd.org, &
> Halifax seems to be target of an attempt at financial fraud, appended below.
> (or at least, someone's fed them a false name, but seems fraud)
> Halifax bank ex building society in UK is really http://www.halifax.co.uk
> So I've sent to abuse at halifax.co.uk
>
> Domain owner of apparent fraud appears to be (from whois)
> Inca Research Inc
> Victoria Chambers
> Fir Vale Road
> Bournemouth
> BH1 2JN
> Name Servers are ns0.bt.net ns1.bt.net
> whois bt.net fails to give info
> (whereas whois other .net give info, .net root service OK)
> Maybe bt.net is also a fraud dummy,
> so I've also Cc'd bt at abuse.com (British Telecom) & not bt at abuse.net
>
> Forwarded With Headers
> -------------
> >From owner-freebsd-hardware at freebsd.org Mon Jul 31 11:27:12 2006
> Return-Path: <owner-freebsd-hardware at freebsd.org>
> ...
> Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18])
> by mx2.freebsd.org (Postfix) with ESMTP id F29BA5664F;
> Mon, 31 Jul 2006 07:25:56 +0000 (GMT)
> (envelope-from owner-freebsd-hardware at freebsd.org)
> Received: from hub.freebsd.org (localhost [127.0.0.1])
> by hub.freebsd.org (Postfix) with ESMTP id F3C9616A4ED;
> Mon, 31 Jul 2006 07:25:55 +0000 (UTC)
> (envelope-from owner-freebsd-hardware at freebsd.org)
> X-Original-To: hardware at freebsd.org
> Delivered-To: freebsd-hardware at FreeBSD.ORG
> Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
> by hub.freebsd.org (Postfix) with ESMTP id 697F616A4DA
> for <hardware at freebsd.org>; Mon, 31 Jul 2006 07:25:53 +0000 (UTC)
> (envelope-from wwwrun at koz.a03i1.de)
> Received: from dd2626.kasserver.com (dd2626.kasserver.com [81.209.184.189])
> by mx1.FreeBSD.org (Postfix) with ESMTP id 9743743D45
> for <hardware at freebsd.org>; Mon, 31 Jul 2006 07:25:52 +0000 (GMT)
> (envelope-from wwwrun at koz.a03i1.de)
> Received: by dd2626.kasserver.com (Postfix, from userid 30)
> id 94DCF1195A2; Mon, 31 Jul 2006 09:24:48 +0200 (CEST)
> To: hardware at freebsd.org
> From: Halifax Online Banking <security at updates.halifax.co.uk>
> Content-Transfer-Encoding: 8bit
> Message-Id: <20060731072448.94DCF1195A2 at dd2626.kasserver.com>
> Date: Mon, 31 Jul 2006 09:24:48 +0200 (CEST)
> MIME-Version: 1.0
> Content-Type: text/plain
> X-Content-Filtered-By: Mailman/MimeDel 2.1.5
> Cc:
> Subject: Accounts Security Alert
> X-BeenThere: freebsd-hardware at freebsd.org
> X-Mailman-Version: 2.1.5
> Precedence: list
> Reply-To: security at updates.halifax.co.uk
> List-Id: General discussion of FreeBSD hardware <freebsd-hardware.freebsd.org>
> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hardware>,
> <mailto:freebsd-hardware-request at freebsd.org?subject=unsubscribe>
> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hardware>
> List-Post: <mailto:freebsd-hardware at freebsd.org>
> List-Help: <mailto:freebsd-hardware-request at freebsd.org?subject=help>
> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hardware>,
> <mailto:freebsd-hardware-request at freebsd.org?subject=subscribe>
> Sender: owner-freebsd-hardware at freebsd.org
> Errors-To: owner-freebsd-hardware at freebsd.org
>
>
> [home_banner_left_020502.gif]
> Dear Customer,
> Our Technical Service department has recently updated our online
> banking
> software, and due to this upgrade we kindly ask you to follow the
> link given below to confirm your online account details. Failure to
> confirm the online banking details will suspend you from accessing
> your
> account online.
>
> [1]https://www.halifax-online.co.uk/_mem_bin/formslogin.asp
>
> We use the latest security measures to ensure that your online banking
> experience is safe and secure. The administration asks you to accept
> our
> apologies for the inconvience caused and expresses gratitude for
> cooperation.
> Regards,
> Halifax Online Technical Support
> --
> Please do not reply to this email address as it is not monitored and
> we
> will be unable to respond.
> For assistance, log in to your Halifax Online Bank account and choose
> the "Help" link on any page.
> ^© Halifax plc, Registered in England No. 2367076. Registered Office:
> Trinity Road, Halifax, West Yorkshire HX1 2RG. Authorised and
> regulated
> by the Financial Services Authority. Represents only the Halifax
> Financial Services Marketing Group for the purposes of advising on and
> selling life assurance
>
> References
>
> 1. http://naran.ru/last/FormsLogin.aspsource=halifax.co.uk/Index.PHP
> _______________________________________________
> freebsd-hardware at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hardware
> To unsubscribe, send any mail to "freebsd-hardware-unsubscribe at freebsd.org"
>
>
>
BT.net certainly isn't fraudulant/whatever, more of a case of BT not
following RFC (not uncommon for them)
Ta,
Joe
More information about the freebsd-hardware
mailing list