ROLF another phishing URL for the PNB net-banking http://mail2.rybolt.net/icons/.secure/.service/pnbindia/login.htm
Seems like its PNB at every corner. My friend @ankur mailed me link.Thanks to him. On Wed, Jan 13, 2010 at 5:50 PM, atul jha <[email protected]> wrote: > > > http://www.pnb.net.in/ is not phishing page. [ > http://samspade.org/whois/www.pnb.net.in] owner Tarun Shahani . > > On the other hand > > > http://samspade.org/whois/pnb.co.in owner is PNB as organization [ > http://samspade.org/whois/pnb.co.in] I was not able to get whois > information for www.pnbindia.com > > I also tried calling number 011-23765434 which is mentioned on the account > owner contact detail for [www.pnb.net.in] for authenticity but no one was > picking the phone.On searching via http://phonebook.bol.net.in/ i found > the number indeed is of P N B I IND FLR P N B BLDG SANSAD MRG-1 > > > Now as 4 tomorrow my task-list includes calling same number again and > speaking with Mr.Shahni :D > > I still not aware why they have two different whois result [as in owner] > when domain belongs to same organization. > > > > On Wed, Jan 13, 2010 at 5:01 PM, vaibhav aher <[email protected]>wrote: > >> But PNB them self claims that PNBIndia.in is there domain. >> Take a look at this.. >> >> http://www.pnb.net.in/ >> >> -- >> Vaibhav Aher >> InfoSec Consultant >> >> On Wed, Jan 13, 2010 at 4:31 PM, chintan dave <[email protected]>wrote: >> >>> I am not sure why they have multiple sites. Initial thought that came to >>> my mind was phishing. So I fired a DNS look up query on both the domains. >>> The following is the result. >>> >>> *A quick DNS look up:* >>> >>> *PNBIndia.in*: >>> http://www.dnsstuff.com/tools/whois/?tool_id=66&token=&toolhandler_redirect=0&ip=www.pnbindia.in >>> *PNBIndia.com*: >>> http://www.dnsstuff.com/tools/whois/?tool_id=66&token=&toolhandler_redirect=0&ip=www.pnbindia.com >>> >>> Surprisingly NET4India is the registrar for both the URLs. >>> >>> Additionally, just out of curiosity, i tried the following as well: >>> >>> *PNBIndia.co.in <http://pnbindia.co.in/>*: >>> http://www.dnsstuff.com/tools/whois/?tool_id=66&token=&toolhandler_redirect=0&ip=pnbindia.co.in >>> >>> The contact person for PNBIndia.in and >>> PNBIndia.co.in<http://pnbindia.co.in/>is same. "Tarun Shahani" >>> >>> >>> >>> On Wed, Jan 13, 2010 at 4:28 PM, Soi, Dhruv < >>> [email protected]> wrote: >>> >>>> Oops! PNB officials are already on the list. Though I forwarded to >>>> him directly with Cc to GM IT. Some action is hopeful. >>>> >>>> >>>> >>>> By the way, The phishing form redirects to pnbindia.com. So it not only >>>> collects the credit card numbers but also compromise the victim through >>>> drive-by-download method which seems to be taken off at the moment. >>>> >>>> >>>> >>>> *From:* atul jha [mailto:[email protected]] >>>> *Sent:* 13 January 2010 16:20 >>>> *To:* [email protected] >>>> *Cc:* [email protected] >>>> *Subject:* Re: [Owasp-delhi] Fwd: PNB phishing page. >>>> >>>> >>>> >>>> I wonder how come a government/nationalized bank can have such poor >>>> security for online transaction.I was unable to see the pages correctly on >>>> firefox as that is the only browser i have apart from this the portal has >>>> no >>>> secure signing authority like verisign or thawte. >>>> >>>> This is simply unacceptable.Lots of poor peoples account are unsafe.We >>>> know rthe trick so we are safe what about others. >>>> The worst part is one of the contct-us page mail id bounces back. >>>> #shit #poor #irony >>>> >>>> >>>> On Wed, Jan 13, 2010 at 4:10 PM, Soi, Dhruv < >>>> [email protected]> wrote: >>>> >>>> Wow! Just to add further: >>>> >>>> >>>> >>>> Watch for: >>>> >>>> >>>> >>>> pnbindia.com >>>> >>>> pnbindia.in >>>> >>>> >>>> >>>> Can you see the difference? Dig and whois can be helpful and this link >>>> can add more: http://safeweb.norton.com/report/show?url=pnbindia.com. >>>> Though, Infected links seem to have removed. >>>> >>>> >>>> >>>> I have got some good links in PNB, let me help them out with this. >>>> >>>> >>>> >>>> Phish the Fish! ;-) >>>> >>>> >>>> >>>> *From:* [email protected] [mailto: >>>> [email protected]] *On Behalf Of *atul jha >>>> *Sent:* 13 January 2010 10:22 >>>> *To:* [email protected] >>>> *Subject:* [Owasp-delhi] Fwd: PNB phishing page. >>>> >>>> >>>> >>>> Morning all, >>>> Well moments ago saw this mail and its not marked as spam a crafted >>>> e-mail. >>>> I tried my best to contact PNB guys but unfortunately there was no link >>>> for phishing report on website of PNB. >>>> I am sure more than 100 customers must have been fooled so far >>>> submitting there credit card PIN. >>>> I have attached screenshot alongwith. >>>> >>>> ---------- Forwarded message ---------- >>>> From: *Punjab National Bank* <[email protected]> >>>> Date: 2010/1/13 >>>> Subject: Get your Refund Amount >>>> To: [email protected] >>>> >>>> >>>> You have get a Tax Refund on your Punjab National Bank >>>> MasterCard. >>>> Complete the formular, and get your Refund Tax. >>>> >>>> (Your Refund Amount Is 3200 rupees) >>>> >>>> Complete Formular bellow : >>>> http://lindsaysunley.eu/pnbindia/online.html >>>> >>>> >>>> Copyright Š 2010 - Punjab National Bank. All rights reserved. >>>> >>>> >>>> regards, >>>> >>>> atul jha >>>> >>>> >>>> -- >>>> www.atuljha.com >>>> 9953555890 <-- is my new number. >>>> "Beer is proof that God loves us and wants us to be happy. " - Benjamin >>>> Franklin >>>> >>>> >>>> >>>> >>>> -- >>>> www.atuljha.com >>>> 9953555890 <-- is my new number. >>>> "Beer is proof that God loves us and wants us to be happy. " - Benjamin >>>> Franklin >>>> >>>> _______________________________________________ >>>> Owasp-delhi mailing list >>>> [email protected] >>>> https://lists.owasp.org/mailman/listinfo/owasp-delhi >>>> >>>> >>> >>> >>> -- >>> Regards, >>> Chintan Dave, >>> >>> LinkedIn Profile: http://www.linkedin.com/in/chintandave >>> Blog:http://www.chintandave.com >>> >>> _______________________________________________ >>> Owasp-delhi mailing list >>> [email protected] >>> https://lists.owasp.org/mailman/listinfo/owasp-delhi >>> >>> >> >> >> >> >> _______________________________________________ >> Owasp-delhi mailing list >> [email protected] >> https://lists.owasp.org/mailman/listinfo/owasp-delhi >> >> > > > -- > www.atuljha.com > 9953555890 <-- is my new number. > "Beer is proof that God loves us and wants us to be happy. " - Benjamin > Franklin > -- www.atuljha.com 9953555890 <-- is my new number. "Beer is proof that God loves us and wants us to be happy. " - Benjamin Franklin
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
