[SATLUG] OT: Phishing via SMS

Charles Hogan cd_satl at futuretechsolutions.com
Wed Jun 4 15:19:54 CDT 2008


Personally, I would send an abuse report to the following:
Their registrar(register.com)
Their hosting provider(bluetowerhosting.com)
AT&T
The domain register proxy
Your cell phone provider
Vonage, they really need to know about this
Courtesy copy to both the FCC and FBI

After all, there is no logical reason for Vonage to be using a domain 
register proxy.  If you haven't already deleted the message, save it for 
about a month, just in case someone above wants you to forward it to them.

Henry Pugsley wrote:
> I got an SMS this morning on my work phone that appears to be a phishing
> attack.  It came from "customer at aloha.local" with the following message:
> 
> (ALERT) You need to renew your Vonage Services, please visit us at
> www.vonagerenew.com
> 
> The web site appears to be a valid Vonage login page, but none of the links
> work.  Not sure if it will actually log you into Vonage (pass-through) if
> you put in valid credentials, but I'm not about to risk compromising my
> account to test that theory :)  The domain is registered through a proxy
> registrar in CA, so it could owned by anyone.  It is hosted at an AT&T data
> center in NY.
> 
> Any other Vonage customers get something like tihs, or is this just a random
> event?  The phone I received it on is not tied my Vonage account in any way,
> but it's possible whoever had the number before me did use it as a contact
> number somewhere.
> 
> -Henry


More information about the SATLUG mailing list