Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Regions Bank
Date discovered:03/07/2007

 General The goal is to get the following information:
    • Bank account


Phishing method:
    • URL link

 Email Details From: clientdepmnt.refM620372956617.int@regions.com
Subject: Important notice! (message id: **********)

Visible link: http://interact-cid244004.regions.com/ibsregions/cmserver/iform.cfm
Actual link: http://interact-cid244004.regions.com.prontoed.tw/ibsregions/cmserver/...
IP address: 89.100.110.67


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
    • The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://interact-cid244004.regions.com.prontoed.tw/ibsregions/cmserver/...
Actual URL: http://interact-cid244004.regions.com.prontoed.tw/ibsregions/cmserver/...
IP address: 89.100.110.67


The phishing page will look like the following:


Beschrijving ingevoegd door Dominik Auerbach op woensdag 4 juli 2007

Terug . . . .
https:// Dit venster is voor uw veiligheid gecodeerd.