hist-brewing: IMPORTANT Caution re possible Phishing or Malware re beer groups

Bill Velek billvelek at alltel.net
Thu Oct 18 15:15:39 PDT 2007 

This is an important warning to all homebrewers.  There is a strong 
possibility that someone is harvesting email addresses from one or more 
homebrewing forums and is using a fake website to plant malware or 
exploit visitors in a phishing scheme.  In order for this possible 
scheme to work, homebrewers would be targeted and the rogue site would 
be made to appear like a legitimate site of interest, in this case "Sam 
Adams".  This is why I'm suspicious and posting this warning; today I 
received the following email from estore at bostonbeer.com ...:

***Begin***
Bill Velek

Here is your login information for the bostonbeer.com Web site.

Email    : billvelek at alltel.net
Password :

If you would like to change the password indicated above please follow 
the link below.
http://businessflow.cas07.mainstreetcommerce.com/3.9.4/checkout/customer_resetpass.aspx?domain=bostonbeer.com&customer_guid=37efa99f-1d1b-4522-90e3-fde1d7cdc498

You can access your customized information by entering the login 
information above when asked.

http://216.139.237.127/
***End***

Because I couldn't recall making any attempts to register on that site, 
and because the use of an IP address is a telltale sign of phishing 
efforts, I decided to investigate by manually entering the URL for 
bostonbeer.com ... which took me to a site that _looks_ like a 
legitimate Samuel Adams site.  But knowing how easy it is to copy a 
site, and that most phishers will usually try to trick visitors by 
making things look as authentic as possible, I did some more digging. 
First, Sam Adams already has a website under the name of 
www.samueladams.com ... so why would they have two different names?
Second, I did a whois check on the above IP address, and it is _NOT_ 
registered to Samuel Adams, but instead is registered to Southwest 
Ventures in Austin, Texas, whereas the official www.samueladams.com site 
is actually registered to the Boston Beer Company in Massachusetts. 
Here are links to the two 'WhoIs' searches that I did:
http://www.networksolutions.com/whois/results.jsp?ip=216.139.237.127
http://www.networksolutions.com/whois/results.jsp?domain=samueladams.com

This is _mighty_ suspicious, so I've notified the Sam Adams company and 
asked for verification; I'll post a follow-up of any reply I receive 
from Sam Adams.  Meanwhile, I caution everyone to be very leery of any 
such emails.

Cheers.

Bill Velek - PERSONAL sites = www.velek.com & www.2plus2is4.com
740+ homebrewer group just for Equipment: www.tinyurl.com/axuol
370+ just for Growing Hops/Herbs/Grains: www.tinyurl.com/3au2uv
NEW group just for Homebrewing Supplies: www.tinyurl.com/2wnang
Join 'Homebrewers' to Help Cure Disease: www.tinyurl.com/yjlnyv

More information about the hist-brewing mailing list