Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Lloyds TSB
Date discovered:30/07/2007

 General The goal is to get the following information:
     Bank account


Phishing methods:
     'Click here' link
     'text' link

 Email Details From: Lloyds TSB 19
Subject: Online banking access suspended

Visible link: Click here to reactivate your online access
Actual link: http://penye.org/images/1.php?WEBlogon_Customer
IP address: 80.93.211.162


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
     The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://acmq8.org/pic/g2data/https/:online.lloydstsb.co.uk/customer.ibc.php
Actual URL: http://acmq8.org/pic/g2data/https/:online.lloydstsb.co.uk/customer.ibc.php
IP address: 209.216.249.194


The phishing page will look like the following:




Description inserted by Dominik Auerbach on Monday, July 30, 2007

Back . . . .