需要修复电脑?
聘请专家
Target:NationalCity
Date discovered:28/05/2007

 General The goal is to get the following information:
    • Bank account
    • Personal data


Phishing method:
    • URL link

 Email Details From: service.ref8030222.cm@nationalcity.com
Subject: Dear National City customer! (mess_id: **********)

Visible link: http://session-**********.nationalcity.com/corporate/onlineservices/...
Actual link: http://session-**********.nationalcity.com.userpro.io/corporate/...
IP address: 222.105.127.158


The email is designed to avoid detection from Antispam and Antiphishing. Such techniques are:
    • The Subject of the email contains random characters.
    • The Body contains invisible Text.
    • The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://session-**********.nationalcity.com.userpro.io/corporate/...
Actual URL: http://session-**********.nationalcity.com.userpro.io/corporate/...
IP address: 222.105.127.158


The phishing page will look like the following:


说明添加者: Dominik Auerbach 打开 2007年5月28日星期一

反馈 . . . .
https:// 为了你的安全,此窗口已加密。