Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:VolksBkfraud
Date discovered:13/12/2006

 General The goal is to get the following information:
     Credit card


Phishing methods:
     'Click here' link
     Image with link

 Email Details From: "Raiffeisen Bank" <Birouclienti@raiffeisenonline.ro>
To: undisclosed-recipients:;
Subject: Raiffeisen: Procedura de reverificare a conturilor online

Visible link: Click Aici
Actual link: http://hurra.modelo.edu.mx/link/raiffeisen.html
IP address: 200.67.232.239


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
     The Body of the email contains HTML content.


The phishing page contains the following trick:
     Link redirection by means of a well known domain name



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://hmld.townofholden.net/ink/www.raiffeisenonline.ro/eBankingWeb/login.html
Actual URL: http://hmld.townofholden.net/ink/www.raiffeisenonline.ro/eBankingWeb/login.html
IP address: 216.20.102.93


The phishing page will look like the following:


설명 삽입자 Andrei Ivanes   2006년 12월 13일 수요일
설명 업데이트 Andrei Ivanes   2006년 12월 13일 수요일

뒤로 . . . .
https:// 이 창은 보안을 위해 암호화되었습니다.