Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Halifax
Date discovered:18/09/2007

 General The goal is to get the following information:
     Bank account


Phishing method:
     URL link

 Email Details From: technical_department_ref-773bzd@halifax.co.uk
Subject: Official Notice To All Halifax UK Customers

Visible link: http://www.halifax-online.co.uk.host14704470/confirm/_mem_bin/...
Actual link: http://www.halifax-online.co.uk.cookie47853461.malibu6.zj.cn/confirm/...
IP address: 60.12.130.112


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
     The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://www.halifax-online.co.uk.cookie47853461.malibu6.zj.cn/confirm/...
Actual URL: http://www.halifax-online.co.uk.cookie47853461.malibu6.zj.cn/confirm/...
IP address: 60.12.130.112


The phishing page will look like the following:



Description inserted by Dominik Auerbach on Wednesday, September 19, 2007

Back . . . .