需要修復電腦?
聘請專家
Target:NationalCity
Date discovered:28/05/2007

 General The goal is to get the following information:
     Bank account
     Personal data


Phishing method:
     URL link

 Email Details From: service.ref8030222.cm@nationalcity.com
Subject: Dear National City customer! (mess_id: **********)

Visible link: http://session-**********.nationalcity.com/corporate/onlineservices/...
Actual link: http://session-**********.nationalcity.com.userpro.io/corporate/...
IP address: 222.105.127.158


The email is designed to avoid detection from Antispam and Antiphishing. Such techniques are:
     The Subject of the email contains random characters.
     The Body contains invisible Text.
     The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://session-**********.nationalcity.com.userpro.io/corporate/...
Actual URL: http://session-**********.nationalcity.com.userpro.io/corporate/...
IP address: 222.105.127.158


The phishing page will look like the following:


說明撰寫者 Dominik Auerbach 開啟 2007年5月28日星期一

返回 . . . .
https:// 為了你的安全,此視窗已加密。