phishing land la Raiffeisen
Azi un nou atac de phishing pe email pt Raiffeisen…l-am primit in urma cu o ora. (detalii despre phishing aici)
Pentru a vedea tot contentul emailului click aici
Update: A mai venit inca unul …cu un header mai rafinat se pare ca primadata setasera gresit aplicatia 
sau era parte din strategia de derutare… cine stie?
Continutul ramane acelasi
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
[...] alte detalii la andrei Etichete: banci, bani, phishing [...]
poti sa postezi si headerele emailului cu adresele ip?
Return-Path:
X-OriginalArrivalTime: 30 May 2007 11:57:00.0403 (UTC) FILETIME=[A1654C30:01C7A2B1]
Received: from PCEXCHANGE.phillipsco.com (mail.phillipsco.com [67.126.132.83])
by whiteimage.net (8.13.1/8.13.1) with ESMTP id l4UBx2qr002275
for < @ whiteimage.net>; Wed, 30 May 2007 12:59:02 +0100
Received: from User ([67.125.49.57]) by PCEXCHANGE.phillipsco.com with Microsoft SMTPSVC(6.0.3790.3959);
Wed, 30 May 2007 04:57:00 -0700
Reply-To:
From: “Banca Raffeisen”
Subject: legatura cu contul Dvs. online Raiffeisen
Date: Wed, 30 May 2007 04:59:00 -0700
MIME-Version: 1.0
Content-Type: text/html;
charset=”utf-8″
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID:
X-IMAPbase: 1140362589 408386 $MDNSent
Status: O
X-UID: 408384
Content-Length: 5713
X-Keywords:
Si primul:
Return-Path:; Wed, 30 May 2007 12:13:35 +0100
Received: from mailer.bf.uni-lj.si (mailer.bf.uni-lj.si [193.2.71.19])
by whiteimage.net (8.13.1/8.13.1) with ESMTP id l4UBDZuX024011
for
Received: from castor.bf.uni-lj.si (castor [192.168.100.11])
by mailer.bf.uni-lj.si (Postfix) with ESMTP id 88CCF1ACB68
for < @ whiteimage.net>; Wed, 30 May 2007 13:16:16 +0200 (CEST)
Received: from User ([66.116.110.47]) by castor.bf.uni-lj.si with Microsoft SMTPSVC(6.0.3790.211);
Wed, 30 May 2007 13:14:56 +0200
Reply-To:
From: “Banca Raiffeisen”
Subject: Mesaj important - cont online Raiffeisen
Date: Wed, 30 May 2007 04:13:25 -0700
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=”—-=_NextPart_000_00A4_01C2A9A6.0772F880″
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID:
X-OriginalArrivalTime: 30 May 2007 11:14:56.0658 (UTC) FILETIME=[C1205F20:01C7A2AB]
X-IMAPbase: 1140362589 408379 $MDNSent
Status: O
X-UID: 408379
Content-Length: 6087
X-Keywords:
Headerele nu par sa fie fake, probabil au trimis mailurile folosind un botnet;
66.116.110.47 si 67.125.49.57 imi da ca sunt de prin america.
La al doilea mail au gresit numele bancii - Raffeisen in loc de Reiffeisen
spuneam Raffeisen in loc de Raiffeisen, mancasera un i - mama lor de phisheri