Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Paypal
Date discovered:15/06/2006

 General The goal is to get the following information:
    • Credit card
    • Personal data
    • Email account


Phishing method:
    • 'text' link

 Email Details From: service@paypaI.com
Subject: Hello

Visible link: Resolution Center
Actual link: http://cpc1-tall1-0-0-cust1011.dbln.cable.ntl.com/appserv/login.html
IP address: 86.14.143.244

The destination redirects to one of the following links:
   • http://72.3.135.172/modules/Uso_Frecuente/paypal-login/login.html
   • http://jray.us/includes/sites/login.html
   • http://brownbearstudios.com/bbscrm/paypal-login/login.html


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
    • The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://brownbearstudios.com/bbscrm/paypal-login/login.html
Actual URL: http://brownbearstudios.com/bbscrm/paypal-login/login.html
IP address: 72.10.45.30


The phishing page will look like the following:



Description inserted by Dominik Auerbach on Thursday, June 15, 2006
Description updated by Oliver Auerbach on Wednesday, June 21, 2006

Back . . . .