Target:America's First Federal Credit Union
Date discovered:13/09/2006

 General The goal is to get the following information:
    • Bank account
    • Credit card


Phishing method:
    • URL link

 Email Details From: no-replay@amfirst.org
Subject: America's First Federal Credit Union $20 Survey

Visible link: https://www.amfirst.org/login.cfm?survey
Actual link: http://eastonbike.com//%20/www.amfirst.org/
IP address: 64.136.59.157


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
    • The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://eastonbike.com//%20/www.amfirst.org/
Actual URL: http://eastonbike.com//%20/www.amfirst.org/
IP address: 64.136.59.157


The phishing page will look like the following:



Description inserted by Dominik Auerbach on Thursday, September 14, 2006

Back . . . .