Sunday, May 31, 2009

Bank Phish

This is phish email for ICICI (submitted to phishtank)

hosted to

hxxp://ayitipeyipam.org/css/data/onlineverification.do/

from here it redirects to

hxxp:/ayitipeyipam.org/css/data/onlineverification.do/index2.html

there is twist here smile_regular

See it

image

 

this page is very same to paypal ,confirmed with the script

   1: // This is an ugly hack until there is a reliable ondomready function



   2:                            if(typeof PAYPAL != 'undefined'){



   3:                                PAYPAL.core.Navigation.init();



   4:                           }</scr




Then it lands on to a page where it asks for card information.



image



after that it shows thank you message,



image



and finally lands to Original site ,so user will never know that he has been phished.



image 





   1: <META HTTP-EQUIV="Refresh" CONTENT="5;URL=https://infinity.icicibank.co.in/Login.jsp" ></body>


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

APK spam on Whatsapp Targeting Bank users

  Initial vector:   Whatsapp spam user posing as union bank with logo in user profile shared apk file named as “Union Bank Aadhaar Update....

  • APK spam on Whatsapp Targeting Bank users
      Initial vector:   Whatsapp spam user posing as union bank with logo in user profile shared apk file named as “Union Bank Aadhaar Update....
  • Bit.ly Targeted with bank Phishing
    We have seen security features of bit.ly and its increased use as short url service , now it been exploited to send bank phishing emails  ...
  • Bad Security Policy
    There was posting regarding diclosure of Bank giving out its customers mail address, fueling the Targeted Phisihing attack of its customer. ...