Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Bank of the West
Date discovered:13/12/2012

 General The goal is to get the following information:
     Bank account
     Email account


Phishing method:
     'text' link

 Email Details From: bill.pay@bankofthewest.com
Subject: Online Banking and Bill Pay Deactivation Notice

Visible link: Renew Now
Actual link: http://203.115.193.187:65535/manual/.../www.bankofthewest.com/
IP address: 203.115.193.187


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
     The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://203.115.193.187:65535/manual/.../www.bankofthewest.com/
Actual URL: http://203.115.193.187:65535/manual/.../www.bankofthewest.com/
IP address: 203.115.193.187


The phishing page will look like the following:




Description inserted by Dominik Auerbach on Monday, July 25, 2005
Description updated by Dominik Auerbach on Monday, August 15, 2005

Back . . . .