Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Flagstar Bank
Date discovered:09/08/2006

 General The goal is to get the following information:
     Bank account
     Credit card


Phishing methods:
     URL link
     Image with link

 Email Details From: online-services@flagstar.com
Subject: Suspend your Flagstar bank account.

Visible link: https://www.flagstarbanking2.com/onlineserv/HB/Signon.cgi
Actual link: http://70.104.254.83/www.flagstar.com/index.html
IP address: 70.104.254.83


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
     The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://70.104.254.83/www.flagstar.com/index.html
Actual URL: http://70.104.254.83/www.flagstar.com/index.html
IP address: 70.104.254.83


The phishing page will look like the following:



Description inserted by Dominik Auerbach on Wednesday, August 9, 2006

Back . . . .