-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings Mark and nznog, We have had a few reports of this too - and have sent a note to the Kenyan Gov site involved below and to the US that is redirected to. Regards, - -- Matthew McGlashan -- Coordination Centre Team Leader | Hotline: +61 7 3365 4417 Australian Computer Emergency Response Team | Direct: +61 7 3365 7924 (AusCERT) | Fax: +61 7 3365 7031 The University of Queensland | WWW: www.auscert.org.au Qld 4072 Australia | Email: auscert(a)auscert.org.au
It seems theres yet-another scam going around, interesting to see this one clearly targetting an NZ-Only bank:
From: "Kiwi Bank"
Subject: Important Changes to the Terms and Conditions Source IP in the case I saw was smtp19.orange.fr ([80.12.242.18]) and the embedded link was:
http://mail.ardhi.go.ke/kiwibank.co.nz/banking/login.asp/?F6=1&F7=IB&F21=IB&F 22=IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH">
It also includes a statement that requires you to say 'yes or no' to their "new" terms and conditions prior to 10 October 2006.
Posted for the benefit of those who choose to either block the destination webserver or the mail relay involved...
Mark.
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) Comment: http://www.auscert.org.au/render.html?it=1967 Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRSXf4Ch9+71yA2DNAQK34QP/R4DUyJjaiJ7UI8NHOfn/k05oCxaBKhJ9 zs+bJJ6cfIwzzZNVU1GLDPR9ZGAre0Yn+KD1cFeFvtTrptFZBG6m4Fz8uiZjGXbf Lm9EYOu525KOEX9hMyv/qDmUNX80DbNSvA/ndd4D5t6zS4GBxMbC0YJw1ROPCUZG VIvLAEztBvo= =vkcK -----END PGP SIGNATURE-----