Trustwave Vulnerability Scan Scam

This one is potentially a better attempt at a phishing scam than most.

Supposedly from TrustWave, it tells of a failed vulnerability scan on my network and to view the results online.

Visiting this site potentially loads Malware, or tries phishing techniques to get access to your systems.

One interesting aspect of this is it predicts IP ranges that will attempt to access your network, which makes me lean toward a malware attack.

This is an automated email message to prevent you that the scheduled TrustKeeper vulnerability scan of YOUR NETWORK SYSTEMS has completed and is not compliant.

IMPORTANT: During the scan, TrustKeeper Discovered several Unsecure systems. Trustwave strongly recommends you review these findings as your overall PCI DSS compliance status may be affected.

TrustKeeper generated a vulnerability scan report. You may view these results by accessing TrustKeeper at:

You will receive an e-mail confirmation when the scan completes and your results are available. Please note that this can take up to three days.

Note: If you monitor your network for activity, note that the TrustKeeper scan may originate from IP addresses in these ranges:

TrustKeeper is a certified remote assessment and compliance solution created by Trustwave and designed to help merchants meet the PCI DSS and achieve compliance with the associated programs of VisaŽ, MasterCardŽ, American ExpressŽ, DiscoverŽ, and other credit card associations. The TrustKeeper solution is an integrated easy-to-use tool that removes the challenge of navigating the complex PCI DSS requirements and provides a “one stop shop” for merchants to certify compliance.


This mail is sent by an automated message system and the reply will not be received. Thank you for using TrustKeeper.
This email was sent to:
This email was sent by: Trustwave
80 West Madison Street, Suite 1080, Chicago, IL, 60408, USA

We respect your right to privacy – view our policy

So a new attack method, using fear to cause people to click the link and open themselves up for the real attack.

Instructions for Adding an Email Account

I get lots of requests for setting up an email account in different email programs, so I thought I would provide a list of the best instructions I have found that I pass on to my clients.

All thanks to those that have provided these resources, it seems silly to replicate these over and over on the web.

If you know of a better one than what I have listed, let me know in the comments and I can look at them and add them in.

I am only listing one set of instructions for each Mail program version that I think is the easiest to follow.

Remember, these instructions will need to be supplemented with your own specific settings such as login / password and mail server settings. Contact your hosting provider for these things.

Mac OS


So if you have other clients, other operating systems, let me know and I’ll add them to the list.


New Sites for May

School Holidays are upon us, but the work never ends…

Here are some new and updated clients sites we have completed recently.