LocatePlus Users Beware of Scam Email & Phishing Attempt
I received the following email this afternoon attempting to phish LocatePlus.com account information.
++++
From: trnvaegr@www.locateplus.com
To: accurate5621@aol.com
Sent: 4/16/2009 11:24:25 A.M. Central Daylight Time
Subj: LocatePLUS and EnterSect SECURITY ISSUE
Yesterday we discovered a big security hole in our system.
To prevent unauthorized access to accounts of our customers we ask to change your password.
Please login to your account at: http://www.locateplus.com and change your password.
Thank you for understanding,
Steven W. Silva
Vice President, Business Development
ssilva@locateplus.com
++++
While I have disabled the link in this post, clicking on the link in the email took me to http://www.locateplus.org.cn, which is registered in China (.cn) and certainly not the correct LocatePlus.com URL. There were several other clues in the email that told me right away that this was not a legitimate LocatePlus email:
1. I no longer use LocatePlus- I cancelled my account with them several months ago and use other information providers instead.
2. The email address they sent this message from, trnvaegr@www.locateplus.com, is not configured correctly- it should have been “@locateplus.com” and not “@www.locateplus.com.”
3. There were many grammar and spelling errors in the email.
4. The email address they sent this message to, accurate5621@aol.com, is not the address where I received the email, is not my address and is not the address I had my account under.
What is all of this “phishing” stuff????
Phishing is the attempt to acquire sensitive personal information, such as confidential identity information, usernames, passwords and credit card details -usually via email- by pretending to be a trustworthy company with which the intended victim may have a business relationship.
Here is a great explanation about Phishing and the variations of this type of scam.
While most of us are certainly used to receiving scam emails and phishing attempts from fraudsters purporting to be from large national banks, eBay or PayPal, this particular scam could more correctly be described as a “spear phishing attempt,” which is an attempting to phish very specific targets; rather than sending out hundreds of thousands or millions of phishing emails, the fraud is directed towards one specific person, group or company.
I was a bit startled to see that the scammers were actually going after database provider and information broker account access by targeting private investigators who regularly use services such as LocatePlus, IRBSearch, Merlin Data, Tracers Info, etc., etc.; I can only imagine that they plan to use this access to commit identity theft.
Please be careful with this very sensitive account login information! We do not need another debacle like the ChoicePoint incident further restricting our access to the information that is often vital in our work to legitimately prevent or investigate crimes on bahalf of our clients.
Category: Technology
 | Random Article |  |
