[PLUG] Is this a scam?
Scott Van Hoosen
svanhoosen at yahoo.com
Tue Feb 3 10:47:02 UTC 2004
A co-worker has a student loan through Sallie Mae, but received an
email that seemed suspicious to me.
She was asked to sign in to the following web page, using her social
security number as a password, which first caught my attention:
http://www.salliemae.com
I can see a student load using SSN, but what seemed strange is that the
login screen boldly proclaims "SSL" and shows an image of a locked
padlock. However the URL is http, not https, and the browser's lock
icon is of course unlocked.
I did a "whois salliemae.com" and also a whois on "salliemaenews.com"
which was the address from some other emails she's received and
believed to be legit. The whois shows the same contact info. Browsing
to salliemaenews.com brings up some other page, epigraphx.com.
Any of you security experts have any thoughts on this? If it is a scam,
it looks like a lot of effort was put into it.
-Scott
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/
More information about the PLUG
mailing list