Phish for lunch

I just received the following email, which came across smelling quite phishy.  Having recently aced the McAfee Phishing Quiz (the link seems to be down now), I clicked on the link to look for the telltale signs of a phishing site.  (The first clue, by the way, is the fact that I do not have an account with WSECU...)

image

I am so used to the phishing filter in IE 7 flagging phishing sites that I was surprised when the site came up with no problems.  It also looks (from checking out the URL) like this site is actually hosted on the WSECU servers...

image

Pulled the site up in Firefox, and again, it did not get flagged as suspicious:

image

So... I typed in a username and password of "123", which pulled up the VERY obvious phishing page...

image

It was only then that I noticed how they got on the WSECU servers... Turns out they weren't.  They managed to register WSENCU.ORG (which looks a heck of a lot like WSECU.ORG).  I have since reported this site to the Firefox and IE Phishing filters, which you do as follows:

IE: Tools --> Phishing Filter --> Report this website

Firefox: Help --> Report Web Forgery

Lessons learned:

1) Just because it is not flagged as a phishing site does not mean that it is not.  It just means that the filtering companies have not come across this site yet.

2) Be smart.  Your bank will never "lose" your personal information and require you to insert your social security number, credit card number, and account number on a web page.

3) Phishers are getting better and better at building VERY convincing sites (this site even ran the spell-checker!).