Elia Florio wrote:
I receveid this bad-spoofed-Citibank e-mail,
which points to a PHP page which ask for credit card number..........and stole it!!!
Is it the next phishing e-mail ?
The link points to http://218.36.71.193:443/citi/
i tried http://218.36.71.193/ then, this seems to be the home of
www.sk.com (from FAQ: What is SK?
SK is Korea’s fourth largest conglomerate and one of the leading business organizations in Asia...)
someone has set up a 2nd Apache on :443 (!SSL), and created /citi to phish credit card numbers??
Christian.
Nope. Just More misdiredction by the miscreants
try the url http://218.36.71.193:443/test.php
The requested URL /test.php was not found on this server.
------------------------------------------------------------------------ Apache/1.3.6 Server at proxyegana.goldpfeil.de Port 80
[EMAIL PROTECTED] nslookup www.sk.com Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 192.168.8.1 Address: 192.168.8.1#53
Non-authoritative answer: Name: www.sk.com Address: 64.227.233.29
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
