Commerce Bank 1 - Phishing

See also

Summary

Full description

Target:	Commerce Bank
Date discovered:	24/01/2008

General The goal is to get the following information:
    • Bank account
    • Personal data

Phishing method:
    • URL link

Email Details From: mail.serverA02076482.cb@commercebank.com
Subject: Confirm Your Information! (Wed, *********************)

Visible link: http://commerceconnections.commercebank.com/cmserver/ccf.cfm?...
Actual link: http://commerceconnections.commercebank.com.technfo.com.ua/...
IP address: 220.90.230.71

The email is designed to avoid detection from Antispam and Antiphishing. Such techniques are:
• The Body contains invisible Text.
• The Body of the email contains HTML content.

This screenshot is how the phishing email looks like:

Page Details Visible URL: http://commerceconnections.commercebank.com.technfo.com.ua/...
Actual URL: http://commerceconnections.commercebank.com.technfo.com.ua/...
IP address: 220.90.230.71

The phishing page will look like the following:

See a brief description here.

Description inserted by Dominik Auerbach on Thu, 24 Jan 2008 15:53 (GMT+1)
Description updated by Dominik Auerbach on Thu, 24 Jan 2008 15:55 (GMT+1)

» About Malware
» About Phishing
» Viruses In the Wild

« back