Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:National Credit Union Administration
Date discovered:16/06/2006

 General The goal is to get the following information:
    • Credit card
    • Personal data


Phishing method:
    • URL link

 Email Details From: activate@ncua.org
Subject: Important Notification

Visible link: http://www.ncua.gov/activate_account.html
Actual link: http://www.google.com/url?sa=U&start=4&q=http://216.161.3.64/fcu-...
IP address: 216.161.3.64


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
    • The Body of the email contains HTML content.


The phishing page contains the following trick:
    • Link redirection by means of a well known domain name



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://216.161.3.64/fcu-update/secure/index.htm
Actual URL: http://216.161.3.64/fcu-update/secure/index.htm
IP address: 216.161.3.64


The phishing page will look like the following:



Description inserted by Dominik Auerbach on Friday, June 16, 2006

Back . . . .