Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
|
 Posted: Sun Mar 26, 2006 5:40 pm Post subject: Fried Phish Mar 26: PayPal @ Hong Kong |
|
|
Phish Alert
Full Report:  /modules.php?name=Fried_Phish&fp=phish&id=228&in=1
The email hyperlink directs to a Hong Kong based server hosting an imitation PayPal login screen. The site was active at the time of investigation and the URL was on the Netcraft blacklist. URL follows: http://220.232.144.98/www.paypal.comWBSRLoginSubmit/SecurityModuleVerify/index.html
| Quote: | Return-path: <>
Envelope-to:
Delivery-date: Sun, 26 Mar 2006 12:54:01 +0100
Received: from [209.87.239.71] (helo=smtp3.storm.ca)
by tantalus.ancilenetworks.net with esmtp (Exim 4.52)
id 1FNTom-0000jz-IK
for ; Sun, 26 Mar 2006 12:54:00 +0100
Received: from localhost (localhost [127.0.0.1])
by smtp3.storm.ca (8.13.6+Sun/8.13.6) with ESMTP id k2QBsEk2025892
for <>; Sun, 26 Mar 2006 06:54:14 -0500 (EST)
Received: from smtp3.storm.ca ([127.0.0.1])
by localhost (smtp3 [127.0.0.1]) (amavisd-new, port 10024) with LMTP
id 25081-06 for <>;
Sun, 26 Mar 2006 06:54:14 -0500 (EST)
Received: from solo.arena.ne.jp (ns.dr-annnounce.jp [202.229.187.154] (may be forged))
by s |
| Description: |
|
| Filesize: |
72.83 KB |
| Viewed: |
30 Time(s) |
|
_________________
 MS MVP Security 2006-2008
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
