One more http://202.51.236.28/icons/www.pnbindia.com/netbanking/
#shit On Wed, Jan 13, 2010 at 5:53 PM, atul jha <[email protected]> wrote: > ROLF another phishing URL for the PNB net-banking > > http://mail2.rybolt.net/icons/.secure/.service/pnbindia/login.htm > > Seems like its PNB at every corner. My friend @ankur mailed me link.Thanks > to him. > > > > On Wed, Jan 13, 2010 at 5:50 PM, atul jha <[email protected]> wrote: > >> >> >> http://www.pnb.net.in/ is not phishing page. [ >> http://samspade.org/whois/www.pnb.net.in] owner Tarun Shahani . >> >> On the other hand >> >> >> http://samspade.org/whois/pnb.co.in owner is PNB as organization [ >> http://samspade.org/whois/pnb.co.in] I was not able to get whois >> information for www.pnbindia.com >> >> I also tried calling number 011-23765434 which is mentioned on the account >> owner contact detail for [www.pnb.net.in] for authenticity but no one was >> picking the phone.On searching via http://phonebook.bol.net.in/ i found >> the number indeed is of P N B I IND FLR P N B BLDG SANSAD MRG-1 >> >> >> Now as 4 tomorrow my task-list includes calling same number again and >> speaking with Mr.Shahni :D >> >> I still not aware why they have two different whois result [as in owner] >> when domain belongs to same organization. >> >> >> >> On Wed, Jan 13, 2010 at 5:01 PM, vaibhav aher <[email protected]>wrote: >> >>> But PNB them self claims that PNBIndia.in is there domain. >>> Take a look at this.. >>> >>> http://www.pnb.net.in/ >>> >>> -- >>> Vaibhav Aher >>> InfoSec Consultant >>> >>> On Wed, Jan 13, 2010 at 4:31 PM, chintan dave <[email protected]>wrote: >>> >>>> I am not sure why they have multiple sites. Initial thought that came to >>>> my mind was phishing. So I fired a DNS look up query on both the domains. >>>> The following is the result. >>>> >>>> *A quick DNS look up:* >>>> >>>> *PNBIndia.in*: >>>> http://www.dnsstuff.com/tools/whois/?tool_id=66&token=&toolhandler_redirect=0&ip=www.pnbindia.in >>>> *PNBIndia.com*: >>>> http://www.dnsstuff.com/tools/whois/?tool_id=66&token=&toolhandler_redirect=0&ip=www.pnbindia.com >>>> >>>> Surprisingly NET4India is the registrar for both the URLs. >>>> >>>> Additionally, just out of curiosity, i tried the following as well: >>>> >>>> *PNBIndia.co.in <http://pnbindia.co.in/>*: >>>> http://www.dnsstuff.com/tools/whois/?tool_id=66&token=&toolhandler_redirect=0&ip=pnbindia.co.in >>>> >>>> The contact person for PNBIndia.in and >>>> PNBIndia.co.in<http://pnbindia.co.in/>is same. "Tarun Shahani" >>>> >>>> >>>> >>>> On Wed, Jan 13, 2010 at 4:28 PM, Soi, Dhruv < >>>> [email protected]> wrote: >>>> >>>>> Oops! PNB officials are already on the list. Though I forwarded to >>>>> him directly with Cc to GM IT. Some action is hopeful. >>>>> >>>>> >>>>> >>>>> By the way, The phishing form redirects to pnbindia.com. So it not >>>>> only collects the credit card numbers but also compromise the victim >>>>> through >>>>> drive-by-download method which seems to be taken off at the moment. >>>>> >>>>> >>>>> >>>>> *From:* atul jha [mailto:[email protected]] >>>>> *Sent:* 13 January 2010 16:20 >>>>> *To:* [email protected] >>>>> *Cc:* [email protected] >>>>> *Subject:* Re: [Owasp-delhi] Fwd: PNB phishing page. >>>>> >>>>> >>>>> >>>>> I wonder how come a government/nationalized bank can have such poor >>>>> security for online transaction.I was unable to see the pages correctly on >>>>> firefox as that is the only browser i have apart from this the portal has >>>>> no >>>>> secure signing authority like verisign or thawte. >>>>> >>>>> This is simply unacceptable.Lots of poor peoples account are unsafe.We >>>>> know rthe trick so we are safe what about others. >>>>> The worst part is one of the contct-us page mail id bounces back. >>>>> #shit #poor #irony >>>>> >>>>> >>>>> On Wed, Jan 13, 2010 at 4:10 PM, Soi, Dhruv < >>>>> [email protected]> wrote: >>>>> >>>>> Wow! Just to add further: >>>>> >>>>> >>>>> >>>>> Watch for: >>>>> >>>>> >>>>> >>>>> pnbindia.com >>>>> >>>>> pnbindia.in >>>>> >>>>> >>>>> >>>>> Can you see the difference? Dig and whois can be helpful and this link >>>>> can add more: http://safeweb.norton.com/report/show?url=pnbindia.com. >>>>> Though, Infected links seem to have removed. >>>>> >>>>> >>>>> >>>>> I have got some good links in PNB, let me help them out with this. >>>>> >>>>> >>>>> >>>>> Phish the Fish! ;-) >>>>> >>>>> >>>>> >>>>> *From:* [email protected] [mailto: >>>>> [email protected]] *On Behalf Of *atul jha >>>>> *Sent:* 13 January 2010 10:22 >>>>> *To:* [email protected] >>>>> *Subject:* [Owasp-delhi] Fwd: PNB phishing page. >>>>> >>>>> >>>>> >>>>> Morning all, >>>>> Well moments ago saw this mail and its not marked as spam a crafted >>>>> e-mail. >>>>> I tried my best to contact PNB guys but unfortunately there was no link >>>>> for phishing report on website of PNB. >>>>> I am sure more than 100 customers must have been fooled so far >>>>> submitting there credit card PIN. >>>>> I have attached screenshot alongwith. >>>>> >>>>> ---------- Forwarded message ---------- >>>>> From: *Punjab National Bank* <[email protected]> >>>>> Date: 2010/1/13 >>>>> Subject: Get your Refund Amount >>>>> To: [email protected] >>>>> >>>>> >>>>> You have get a Tax Refund on your Punjab National Bank >>>>> MasterCard. >>>>> Complete the formular, and get your Refund Tax. >>>>> >>>>> (Your Refund Amount Is 3200 rupees) >>>>> >>>>> Complete Formular bellow : >>>>> http://lindsaysunley.eu/pnbindia/online.html >>>>> >>>>> >>>>> Copyright Š 2010 - Punjab National Bank. All rights reserved. >>>>> >>>>> >>>>> regards, >>>>> >>>>> atul jha >>>>> >>>>> >>>>> -- >>>>> www.atuljha.com >>>>> 9953555890 <-- is my new number. >>>>> "Beer is proof that God loves us and wants us to be happy. " - Benjamin >>>>> Franklin >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> www.atuljha.com >>>>> 9953555890 <-- is my new number. >>>>> "Beer is proof that God loves us and wants us to be happy. " - Benjamin >>>>> Franklin >>>>> >>>>> _______________________________________________ >>>>> Owasp-delhi mailing list >>>>> [email protected] >>>>> https://lists.owasp.org/mailman/listinfo/owasp-delhi >>>>> >>>>> >>>> >>>> >>>> -- >>>> Regards, >>>> Chintan Dave, >>>> >>>> LinkedIn Profile: http://www.linkedin.com/in/chintandave >>>> Blog:http://www.chintandave.com >>>> >>>> _______________________________________________ >>>> Owasp-delhi mailing list >>>> [email protected] >>>> https://lists.owasp.org/mailman/listinfo/owasp-delhi >>>> >>>> >>> >>> >>> >>> >>> _______________________________________________ >>> Owasp-delhi mailing list >>> [email protected] >>> https://lists.owasp.org/mailman/listinfo/owasp-delhi >>> >>> >> >> >> -- >> www.atuljha.com >> 9953555890 <-- is my new number. >> "Beer is proof that God loves us and wants us to be happy. " - Benjamin >> Franklin >> > > > > -- > www.atuljha.com > 9953555890 <-- is my new number. > "Beer is proof that God loves us and wants us to be happy. " - Benjamin > Franklin > -- www.atuljha.com 9953555890 <-- is my new number. "Beer is proof that God loves us and wants us to be happy. " - Benjamin Franklin
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
