Target:First National Bank
Date discovered:05/06/2006

 General The goal is to get the following information:
    • Bank account
    • Credit card


Phishing method:
    • URL link

 Email Details From: techservices@fnb.com
Subject: Software Upgrade.

Visible link: http://www.fnb-online.com/personalBanking/
Actual link: http://www.google.com/url?sa=l&ai=BJQ4ISR5lRIX2A7LCiALNrN30D...
IP address: 66.29.22.27


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
    • The Body of the email contains HTML content.


The phishing page contains the following trick:
    • Link redirection by means of a well known domain name



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://www.wifigeek.net/index/fnb-online.com/index.htm
Actual URL: http://www.wifigeek.net/index/fnb-online.com/index.htm
IP address: 66.29.22.27


The phishing page will look like the following:




Description inserted by Dominik Auerbach on Monday, June 5, 2006

Back . . . .