需要修复电脑?
聘请专家
Target:Regions Bank
Date discovered:03/07/2007

 General The goal is to get the following information:
     Bank account


Phishing method:
     URL link

 Email Details From: clientdepmnt.refM620372956617.int@regions.com
Subject: Important notice! (message id: **********)

Visible link: http://interact-cid244004.regions.com/ibsregions/cmserver/iform.cfm
Actual link: http://interact-cid244004.regions.com.prontoed.tw/ibsregions/cmserver/...
IP address: 89.100.110.67


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
     The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://interact-cid244004.regions.com.prontoed.tw/ibsregions/cmserver/...
Actual URL: http://interact-cid244004.regions.com.prontoed.tw/ibsregions/cmserver/...
IP address: 89.100.110.67


The phishing page will look like the following:


说明添加者: Dominik Auerbach 打开 2007年7月4日星期三

反馈 . . . .
https:// 为了你的安全,此窗口已加密。