Results 1 to 5 of 5
  1. #1
    New Lounger
    Join Date
    Mar 2012
    Posts
    12
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Understanding Domain Names

    I need a bit of education here by the Lounge Lizards more knowledgeable than I.

    I received an obviously bogus email purporting to be from Western Union (I didn't have to read past the "Dear Costumer" salutation to figure that out). As per my usual attempts to be a good Net citizen, I forwarded it to Spam@uce.gov, the Anti-phishing Working Group, and to the Abuse mailbox at Western Union and marked it for my email provider (did I miss anyone?).

    There was no attachment, but I was a bit confused by the hotlink contained in the note (I've inserted the $$ before and after to hopefully minimize accidental clicking in this post; they were not in the hotlink):

    $$https://wumt.westernunion.com/asp/orderStatus.asp?country=global$$

    This is the actual underlying hotlink, not the in-body text generated by the HTML

    Western Union's true domain name is www.westernunion.com. Thus, the masquerading domain name differs by the substitution of "wumt" for "www". Can someone either explain to me this "wumt" stuff and how it fits in or provide a link to an E-Z explanation? I read the Wikipedia article on domain names, but that didn't seem to address the question. Can you put anything in place of "www" and create a new domain name for a host site?

    Thanks.

  2. #2
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,625
    Thanks
    161
    Thanked 932 Times in 853 Posts
    In doing a Google Search for WUMT, this appears to be a Western Union domain. I am sure this can also be falsified. https://wumt.westernunion does indeed go to Western Union site. This does indeed appear to be a phishing attempt.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  3. The Following User Says Thank You to Medico For This Useful Post:

    PhotoSci (2012-12-05)

  4. #3
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,827
    Thanks
    88
    Thanked 347 Times in 312 Posts

  5. The Following User Says Thank You to BruceR For This Useful Post:

    PhotoSci (2012-12-13)

  6. #4
    New Lounger
    Join Date
    Mar 2012
    Posts
    12
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Thanks, Medico. The email is obviously phishing (besides promising the usual millions of unclaimed funds, it contains dozens of grammatical/syntactical mistakes), but if the link actually goes to a real Western Union site, I misunderstood the scammer's methodology. Parsing the header on the email shows that it comes from Benin Telecom in the Republic of Benin (Africa). I'm guessing now that if I go to this apparently real Western Union site and put in the contact number contained in the email that the scammer will then use this to ask me for money to release my millions." I had been assuming that the link was to a fake Western Union site that would drop malware, but this is the more classic "contact us and we'll take it from there" scam. Appreciate your putting me on the right track.

  7. #5
    New Lounger
    Join Date
    Mar 2012
    Posts
    12
    Thanks
    3
    Thanked 0 Times in 0 Posts
    And thank you BruceR for the links. The posting on Daily Scam Alerts is near-identical to mine. [Sorry, I couldn't find the "Thanks" button linked to your post.]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •