Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Sparkasse
Date discovered:24/06/2007

 General The goal is to get the following information:
    • Bank account


Phishing method:
    • URL link

 Email Details From: online-id*******@vr-networld.de
Subject: Sparkasse informiert Sie

Visible link: http://sitzungid_*****.sparkasse.de/kundendienst/anfang.cgi
Actual link: http://sitzungid_*****.sparkasse.de.mysosp.at/kundendienst/anfang.cgi
IP address: 58.181.164.182


The email is designed to avoid detection from Antispam and Antiphishing. Such techniques are:
    • The Body contains invisible Text.
    • The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://sitzungid_*****.sparkasse.de.mysosp.at/kundendienst/anfang.cgi
Actual URL: http://sitzungid_*****.sparkasse.de.mysosp.at/kundendienst/anfang.cgi
IP address: 58.181.164.182


The phishing page will look like the following:


Beschrijving ingevoegd door Dominik Auerbach op maandag 25 juni 2007
Beschrijving bijgewerkt door Dominik Auerbach op maandag 25 juni 2007

Terug . . . .
https:// Dit venster is voor uw veiligheid gecodeerd.