Trustwave Vulnerability Scan Scam

This one is potentially a better attempt at a phishing scam than most.

Supposedly from TrustWave, it tells of a failed vulnerability scan on my network and to view the results online.

Visiting this site potentially loads Malware, or tries phishing techniques to get access to your systems.

One interesting aspect of this is it predicts IP ranges that will attempt to access your network, which makes me lean toward a malware attack.

This is an automated email message to prevent you that the scheduled TrustKeeper vulnerability scan of YOUR NETWORK SYSTEMS has completed and is not compliant.

IMPORTANT: During the scan, TrustKeeper Discovered several Unsecure systems. Trustwave strongly recommends you review these findings as your overall PCI DSS compliance status may be affected.

TrustKeeper generated a vulnerability scan report. You may view these results by accessing TrustKeeper at:

https://login.trustwave.com
User Name:webmaster@deepweb.co.nz

You will receive an e-mail confirmation when the scan completes and your results are available. Please note that this can take up to three days.

Note: If you monitor your network for activity, note that the TrustKeeper scan may originate from IP addresses in these ranges:

200.16.208.0/24
61.37.230.0/24

TrustKeeper is a certified remote assessment and compliance solution created by Trustwave and designed to help merchants meet the PCI DSS and achieve compliance with the associated programs of VisaŽ, MasterCardŽ, American ExpressŽ, DiscoverŽ, and other credit card associations. The TrustKeeper solution is an integrated easy-to-use tool that removes the challenge of navigating the complex PCI DSS requirements and provides a “one stop shop” for merchants to certify compliance.

DO NOT REPLY TO THIS MESSAGE VIA EMAIL.

This mail is sent by an automated message system and the reply will not be received. Thank you for using TrustKeeper.
This email was sent to: webmaster@deepweb.co.nz
This email was sent by: Trustwave
80 West Madison Street, Suite 1080, Chicago, IL, 60408, USA

We respect your right to privacy – view our policy

So a new attack method, using fear to cause people to click the link and open themselves up for the real attack.

Tagged with:

Leave a Reply

Your email address will not be published. Required fields are marked *