Websense® Security Labs™ has received reports of a phishing attack that targets users of Rogers Communications. Users receive a spoofed email message, which claims that their account has been disabled because a third party accessed their account. The email also states that more information is needed to keep their account secure. The email provides a link to a phishing site that attempts to collect personal and account information. This phishing site is hosted in the United States and was up at the time of this alert. Phishing email text: Rogers is constantly working to ensure security by regularly screening the accounts in our system. We recently reviewed your account, and we need more information to help us provide you with secure service. Until we can collect this information, your access to sensitive account features will be limited. We would like to restore your access as soon as possible, and we apologize for the inconvenience. Why is my account access suspended? Your account access has been suspended for the following reason(s): March 12, 2007: We have reason to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive Rogers account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection. (Your case ID for this reason is RR-257-057-154.) To remove the limitation click on the following link: Regards, Rogers Security Departament Phishing screenshot #1: Phishing screenshot #2: Phishing screenshot #3: Phishing screenshot #4:

More...