Hello everyone.
Days ago, on my mail, I received this message, apparently from "servizio.clienti(@)telecomitalia.it (ISP)" which invites me to access the service in order to obtain a refund of 110 €. The message is a trap of course.
It's a classic attempt at theft of credit card numbers: I share It because it's wrote fine (no errors, credible logos, sender apparent very believable) and because it exceeded my phishing filters, (today WSA blocked It).
The Access button brings to this screen, which is actually hosted at "hxxp://it-10.com/tim.it/03ea4bc7e4d041256e398d2959adb74e/" and not at: Tim.it (Telecom Italy Mobile)
Obviously the goal is to convince the user to enter password for Tim.it and subsequently the data of the credit card, that will end up in the hands of criminals.
I submitted the link to Firefox/Google (Report a Suspected Web Forgery).
This a classic social engineering and phishing attack: the promise of money confuses the users who enters their personal data.
This fraud is bound to the Italians users but others, very similar, happen worldwide.
Attention from who promises you something delicious: don't trust the sender's address (as you see above, It can fake), always check the correct name of the site in the addess bar and the closed lock icon that authenticates the site (HTTPS). If you receive mail like this, delete it: If you have not entered data, you have no risk.
Days ago, on my mail, I received this message, apparently from "servizio.clienti(@)telecomitalia.it (ISP)" which invites me to access the service in order to obtain a refund of 110 €. The message is a trap of course.
It's a classic attempt at theft of credit card numbers: I share It because it's wrote fine (no errors, credible logos, sender apparent very believable) and because it exceeded my phishing filters, (today WSA blocked It).
The Access button brings to this screen, which is actually hosted at "hxxp://it-10.com/tim.it/03ea4bc7e4d041256e398d2959adb74e/" and not at: Tim.it (Telecom Italy Mobile)
Obviously the goal is to convince the user to enter password for Tim.it and subsequently the data of the credit card, that will end up in the hands of criminals.
I submitted the link to Firefox/Google (Report a Suspected Web Forgery).
This a classic social engineering and phishing attack: the promise of money confuses the users who enters their personal data.
This fraud is bound to the Italians users but others, very similar, happen worldwide.
Attention from who promises you something delicious: don't trust the sender's address (as you see above, It can fake), always check the correct name of the site in the addess bar and the closed lock icon that authenticates the site (HTTPS). If you receive mail like this, delete it: If you have not entered data, you have no risk.
Last edited by a moderator:
