Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Halifax
Date discovered:13/12/2012

 General The goal is to get the following information:
    • Bank account


Phishing method:
    • URL link

 Email Details From: security@halifax.co.uk
Subject: Security Issue!

Visible link: https://www.halifax-online.co.uk/_mem_bin/formslogin.asp?Update_Account
Actual link: http://halifax.secure-validations.com.cn/Halifax/secure/log=in/index.php
IP address: 59.44.127.148


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
    • The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://halifax.secure-validations.com.cn/Halifax/secure/login/index.php
Actual URL: http://halifax.secure-validations.com.cn/Halifax/secure/login/index.php
IP address: 59.44.127.148


The phishing page will look like the following:


Description inserted by Dominik Auerbach on Monday, November 28, 2005

Back . . . .