Moldova phish
CastleCops
-> Phishing, Fraud and Dastardly Deeds
Author: AlphaCentauri,
Posted: Mon Jun 30, 2008 12:58 pm Post subject: Moldova phish
I received a phishing email for this today:
http://onlinetreasurymanager.suntrust.ibswebsuntrust.cmserver.verify0e82u52qe90p0z2.portalserver.
[insert line break for forum]
ptcontrol.SetCommunityCommunityID44809.CommunityPage.exacttarget.Login62s9k14b.members.
[insert line break for forum]
sntrst.md/login.htm
The .md TLD is Moldova's country code. The site isn't resolving. On traversal, most root servers say it has no a records, though central.dns.md, which I would expect to be the soonest to receive propagation from a domain suspension, resolves 5 IP addresses -- apparently botnet hosting. (Maybe it's still propagating a domain creation?)
China is no longer friendly to phishers; the roaches are scurring to find cover.
CastleCops
-> Phishing, Fraud and Dastardly Deeds
All times are GMT
Page 1 of 1
Powered by phpBB © 2001 phpBB Group