Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Citizens National Bank of Texas
Date discovered:31/07/2006

 General The goal is to get the following information:
     Credit card


Phishing method:
     'text' link

 Email Details From: onlinesurvey@cnbwax.com
Subject: Take This $20 Reward Survey

Visible link: Confirm Now
Actual link: http://www.google.com/url?sa=U&start=4&q=http://203.232.223.243/...
IP address: 203.232.223.243


The email is designed to avoid detection from Antispam and Antiphishing. Such techniques are:
     The Body of the email contains random characters.
     The Body of the email contains HTML content.


The phishing page contains the following trick:
     Link redirection by means of a well known domain name



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://203.232.223.243/homesite/main/cnbwax/onlinesurvey.htm?secure/...
Actual URL: http://203.232.223.243/homesite/main/cnbwax/onlinesurvey.htm?secure/...
IP address: 203.232.223.243


The phishing page will look like the following:


Description inserted by Dominik Auerbach on Monday, July 31, 2006

Back . . . .