Tuesday, January 18, 2011

Phishing Fax? or just plain fishy

This afternoon we got a one page fax from someone in Vancouver WA wanting a quote for some specific printer supplies (we don't sell printer supplies - duh). The letter was well written with a good logo and plentiful contact info including physical address, phone, fax, and an email address.

So the first thing I did was go to their website based on the email address. Oops! just a standard Windows Lives template - STRIKE ONE!

Next I did a whois on the domain, the name matched the name on the fax but - STRIKE TWO!! - the domain was registered just yesterday and domain privacy is enabled. Now I'm curious.

So I went to Google maps and put in the address and did a street view. Turns out it is a residential street with older one story inexpensive small ranch houses - STRIKE THREE!!!

Next I went to the State of Washington business lookup database and found there is no legal business registered by that name - STRIKE FOUR!!!! (anybody from the state of WA listening?)

Just for good measure I did some additional google searches and found out this person has registered 104 domains - STRIKE FIVE!!!!!

The fax wanted availability of items, pricing, method of payment and contact person (name, phone...) - this gives the phisher a name and possibly an email for their database - if they are a phisher. They wanted the quote faxed back, which gives them a verification that the original fax number (mine) was good and possibly a new fax number as part of the fax back of the quote.

What are they doing? good question. Are they looking for additional contact info to build or verify their sucker list of fax numbers, email addresses, names and phone numbers? Who knows?

Phishing or fishy? definitely fishy if nothing else.


No comments: