Scary Washington Mutual Online Phish
June 1, 2006 Leave a comment
Another scary phish in my mailbox (my last was “Scary Chase Online Phish”). This one, targeting Washington Mutual (WaMu) customers showed up yesterday:
Looks pretty darned good. The message is consistent with a phish, especially the “If we do not receive the appropriate account verification within 48 hours” part, where they threaten to suspend the account. Sense of urgency, and all that.
Let’s look for trouble. Mousing over the renewal ‘IdentityManagement’ URL reveals:
You’ll note that while the link looks legitimate (https even), the mouse over shows you’d be sent to an IP site that redirected to another (now-defunct) IP site.
The other URLs on the page are legitimate:
Which is typical; these sites will pull content from legitimate links to support their illusion.
Don’t be fooled by these.