需要修復電腦?
聘請專家
Target:VolksBkfraud
Date discovered:13/12/2006

 General The goal is to get the following information:
     Credit card


Phishing methods:
     'Click here' link
     Image with link

 Email Details From: "Raiffeisen Bank" <Birouclienti@raiffeisenonline.ro>
To: undisclosed-recipients:;
Subject: Raiffeisen: Procedura de reverificare a conturilor online

Visible link: Click Aici
Actual link: http://hurra.modelo.edu.mx/link/raiffeisen.html
IP address: 200.67.232.239


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
     The Body of the email contains HTML content.


The phishing page contains the following trick:
     Link redirection by means of a well known domain name



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://hmld.townofholden.net/ink/www.raiffeisenonline.ro/eBankingWeb/login.html
Actual URL: http://hmld.townofholden.net/ink/www.raiffeisenonline.ro/eBankingWeb/login.html
IP address: 216.20.102.93


The phishing page will look like the following:


說明撰寫者 Andrei Ivanes 開啟 2006年12月13日星期三
說明更新者 Andrei Ivanes 開啟 2006年12月13日星期三

返回 . . . .
https:// 為了你的安全,此視窗已加密。