Disturbing spam received today uses the the language of homeland security and currency manipulation to get you to log your identity information into an insecure site (the link claims to be pointing to www.fdic.gov but via HTML link formatting in fact points to a numerical IP address and port number – 126.96.36.199:3180 – presenting the false web address as a pseudo username with a forced linebreak to hide the actual destiantion).
I wonder if it’s targeted at recipients of the Nigerian-scam spam who might be afraid their bank accounts have been somehow compromised?
Full text of the email attached in the overleaf:
Subject: Important News About Your Bank Account
Date: Mon, 26 Jan 2004 13:16:37 -0400 (EST)
X-Mailer: Microsoft Outlook Express 6.00.2720.3000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2727.1300
To whom it may concern;
In cooperation with the Department Of Homeland Security, Federal, State and Local Governments your account has been denied insurance from the Federal
Deposit Insurance Corporation due to suspected violations of the Patriot Act. While we have only a limited amount of evidence gathered on your account at
this time it is enough to suspect that currency violations may have occurred in your account and due to this activity we have withdrawn Federal Deposit
Insurance on your account until we verify that your account has not been used in a violation of the Patriot Act.
As a result Department Of Homeland Security Director Tom Ridge has advised the Federal Deposit Insurance Corporation to suspend all deposit insurance on
your account until such time as we can verify your identity and your account information.
Please verify through our IDVerify below. This information will be checked against a federal government database for identity verification. This only takes
up to a minute and when we have verified your identity you will be notified of said verification and all suspensions of insurance on your account will be
Failure to use IDVerify below will cause all insurance for your account to be terminated and all records of your account history will be sent to the
Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local,
State or Federal Government or Homeland Security Officials.
Thank you for your time and consideration in this matter.
Donald E. Powell
Chairman Emeritus FDIC
John D. Hawke, Jr.
Comptroller of the Currency
Michael E. Bartell
Chief Information Officer