NNSquad - Network Neutrality Squad
[ NNSquad ] NASDAQ's Sloppy, Phishing-like password reset message after being hacked?
http://j.mp/14k5Niq (This message on Google+)
- - - [forwarded message begins] - - -
[name withheld]
NASDAQ wrote the other week that they were hacked badly. They
closed the site for some days. Now I got this email:
Dear Community Members:
We are pleased to inform you that your "My NASDAQ" account
is again online and available. We invite you back to enjoy
all the features you have come to rely upon, including your
portfolio tracker, stock ratings and social features. To regain
access to your account, please set a new password by going to
http://community.nasdaq.com/reset-password.aspx, entering your
email address, and clicking on the "Reset Password" button. You
will be sent a verification email which contains a link. You can
then use that link to reset your password.
Thank you for your patience. You are a valued member of our
audience and your security is paramount to us.
Sincerely,
Bruce Hashim
www.nasdaq.com
The trouble I see is, the URL given is in an HTML mail, and
it doesn't actually go to what is being displayed. Rather,
it goes to (numbers munged):
http://www.mmsend10.com/link.cfm?r=[xxxxxxxx]&sid=[xxxxxx]&m=[xxxxx]&u=NASDAQ_OIS&j=[xxxxxx]&s=http://community.nasdaq.com/reset-password.aspx
Now, I'm not saying it's not legit, mind; I don't know. But mmsend10.com
is owned as follows:
Registered through: GoDaddy.com, LLC (http://www.godaddy.com)
Domain Name: MMSEND10.COM
Created on: 04-Jan-08
Expires on: 04-Jan-15
Last Updated on: 02-Jan-13
Registrant:
Real Magnet LLC
4853 Cordell Ave
PH-11
Bethesda, Maryland 20814
United States
Administrative Contact:
Pines, Tom domain-admin@realmagnet.com
Real Magnet LLC
4853 Cordell Ave
PH-11
Bethesda, Maryland 20814
United States
+1.3016524025
Technical Contact:
Pines, Tom domain-admin@realmagnet.com
Real Magnet LLC
4853 Cordell Ave
PH-11
Bethesda, Maryland 20814
United States
+1.3016524025
Domain servers in listed order:
NS1V.DATAPIPE.NET
NS2V.DATAPIPE.NET
That does not exactly foster trust on my first take.
- - - [forwarded message ends] - - -
--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Founder:
- Network Neutrality Squad: http://www.nnsquad.org
- PRIVACY Forum: http://www.vortex.com/privacy-info
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://google.com/+LaurenWeinstein
Twitter: http://twitter.com/laurenweinstein
Tel: +1 (818) 225-2800 / Skype: vortex.com