Need help? Ask the community or hire an expert.
Go to Avira Answers
Target:Flagstar Bank
Date discovered:30/09/2006

 General The goal is to get the following information:
    • Bank account
    • Credit card
    • Personal data


Phishing method:
    • URL link

 Email Details From: no-reply@flagstarbanking2.com
Subject: YOUR ACCOUNT HAS BEEN SUSPENDED !!!

Visible link: https://www.flagstar.com/Signon.cgi?update
Actual link: http://www.flagstar.com.yodokigyou.com/welcome.html
IP address: 208.51.26.100


The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
    • The Body of the email contains HTML content.



This screenshot is how the phishing email looks like:


 Page Details Visible URL: http://www.cableunion.com.co/themes/login.php/index.html
Actual URL: http://www.cableunion.com.co/themes/login.php/index.html
IP address: 201.234.176.34


The phishing page will look like the following:



Description inserted by Dominik Auerbach on Saturday, September 30, 2006

Back . . . .