English
Romana
Home
|
Contact
|
Feedback
SEARCH
Security Development
Company
Careers
Press Center
Virus Info
Security News
Virus Glossary
About Malware
VDF History
External Links
Solutions
Products
Alerts Panel
Support
Register
Paypal 171 - Phishing
See also
Summary
Full description
Target:
Paypal
Date discovered:
30/08/2007
General
The goal is to get the following information:
• Credit card
• Personal data
• Paypal account
Phishing methods:
• URL link
• 'text' link
Email Details
From:
accounts@paypal.us
Subject:
Notification from Billing Department
Visible link:
https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run
Actual link:
http://www.dforce.sk/sitemap/cgi-bin/webscrcmd=_login-run/update.php
IP address:
62.176.161.22
The email is designed to avoid detection from Antispam and Antiphishing. The technique is:
• The Body of the email contains HTML content.
This screenshot is how the phishing email looks like:
Page Details
Visible URL:
http://www.dforce.sk/sitemap/cgi-bin/webscrcmd=_login-run/update.php
Actual URL:
http://www.dforce.sk/sitemap/cgi-bin/webscrcmd=_login-run/update.php
IP address:
62.176.161.22
The phishing page will look like the following:
See a brief description
here
.
Inserted by Dominik Auerbach on Thu, 30 Aug 2007 19:59 (GMT+1)
« Back
Print this page
Security News
Avira protects from PDF Exploit
Infected Firefox Add-on: Avira protects
HEUR/HTML.Malware
HTML/Infected.WebPage.Gen
HTML/Crypted.Gen
TR/Rootkit.Gen
W32/Sality.Y
Worm/Sohaned.BP
TR/Drop.Muha.462027
TR/Silentbanker.BA
TR/Dldr.Zitan.A
EXP/Pidief.axa
Download here
© 2010 Avira Soft SRL
Privacy
|
Site terms
|
Copyright
|
Site map
Print this page
