Wells Fargo Phishing Attempt?
Dec 13th, 2006 by Greg Bulmash
So, I just got this e-mail from Wells Fargo. It looked really official and well done. It was lacking all the stupid spelling errors many dumbass phishers make. But it still raised a bunch of red flags for me because all the links went to wellsfargo.rsc03.net. Now does rsc03.net look like a phisher domain or what?
Luckily, there's our good friend Whois. A quick check told me that rsc03.net was owned by Responsys. Well, not only are they not some fly-by-night company out of Russia or Estonia, they're a multinational marketing services corporation that counts Wells Fargo among their clients.
So it was probably legit... probably. But that left me wondering, why would a major multinational marketing services company do such a stupid thing as to send out an e-mail for a bank and then have all the links in it go to a nonsense domain like rsc03.net?
Was someone asleep at the wheel? More importantly, how many recipients didn't check the destination of the links and just clicked on them? Despite all the warnings about phishers and all the attempts to educate the public, how many people just blindly trusted this e-mail and didn't see this HUGE red flag?
I don't know who I'm more annoyed with: Responsys for being such dummies or Wells Fargo for hiring such dummies.