Congrats on being important enough to be phished.
We're getting those at a number of our domains as well. It appears to be a broad phishing attempt, targeting common first names and email aliases at many different domains. Occasionally the same email template has an attached .zip file instead of a link.
Some of the redirect domains for ours include:
The phishing emails the last few days have been getting much much better. I've had a number of employees forwarding emails to me checking to make sure I want them to install software. Time to do some more education about phishing.
They specifically ran a spider against profiles here - just yesterday. They tripped 3 honeybot accounts.
Also new: I got various phishing mails for the scandinavian service "runbox" - big email provider here in europe...
looks like a spike in phishing today!
We got a pile of these sent to our organization this morning as well.
same here from the polikki domain mentioned above.
yep - i got a bunch of others, but I have back tracked this to a bot that ran on WebmasterWorld yesterday.
I also got one at my work email. Looks like these guys are active.
I have been noticing more .eu and .uk addresses in spam for the past two weeks.
Yes, the activity is still going on. This is a phishing e-mail and not from WebmasterWorld.
I've been getting this one forwarded from my clients. It doesn't even mention the host's name, the real emails are not being used, the grammar is bad, and the sender uses the same email as the one receiving it. too many red flags. I just warned all my clients. I accidentally clicked on the link and it wanted to download an .exe file. Go Mac!
On October 22, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail service and the system as a whole.
For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That's all.
Thank you in advance for your attention to this matter and sorry for possible inconveniences.
I falsified the url
Such phishing attempts rely on "trust" and it's all too easy to fall for them.
You're right to warn folks about these.
Going little off-topic, if we register webmasterworld (dot) (any other TLD), I dont think phishers face any issues ?
Although, our network range yet not been effected by this attempt.