From: CIMB Bank <alert@alert-firstx11.com>
Date: Wed, May 20, 2009 at 4:27 AM
Subject: Important Notification (Account)
To:
Alert Message - #2605
------------------
Dear Valued Customer,
We placed an hold on your account for security reasons as we detected several invalid logon attempts from a blacklisted location. Your immediate attention is required to activate and restore access to your account.
Activate Now
http://www.cimbclicks.com.my/
Note: Your account will be closed if not resolved within 10 minutes of notice.
Sincerely,
CIMB Bank
What is unique about this email is the hyperlink points to the page is not actually www. cimbclicks.com.my/start.html . It might tricks a lot of people.
Let's have a look
1:Clearly login is using http
2. Login using abc:abc, and prompt a dumb TAC screen
3. Enter any key will bring to Finish page..
Dossier it bring us to:
Domain Name.......... startclicks-net.com
Creation Date........ 2009-05-20
Registration Date.... 2009-05-20
Expiry Date.......... 2010-05-20
Organisation Name.... Jennifer Bhatt
Organisation Address. PO Box 61359
Organisation Address.
Organisation Address. Sunnyvale
Organisation Address. 94088
Organisation Address. CA
Organisation Address. US
So it`s a new phishing site for the day.
No comments:
Post a Comment