been suspended a lot these kinds of websites in my hosting, lol most of them are harvesting the username and password straight from the 1st page. the username and password form is actually a mail form, and it will send the infos directly to the email of the phisher, or maybe just an email for the harvest results.
anyway, there is some very significant difference between the real site and the fake site. non of these fake sites is on https. been seen 1 that is very interesting, if u din see properly, u might get tricked. its domain is something like this: http://www.maybank2u.com.my/mbb/m2u/common/M2ULogin.do?action=Login/something.something.something .*thefakedomain.com* sometimes it is really hard to identify if we din see until the end of the URL. On Wed, May 12, 2010 at 10:29 AM, Amir Haris Ahmad <[email protected]>wrote: > > > ---------- Forwarded message ---------- > From: Maybank Group <[email protected]> > Date: Wed, May 12, 2010 at 7:34 AM > Subject: Alert: Your Account Was Revoked > To: > > > Maybank Alert #8021 > > Dear Maybank Customer, > > Your Maybank account has been revoked for security reasons after we > discovered some security problems in your account. You are hereby required > to immediately restore your account as revoked accounts will be terminated > till further notice. We are sorry for any inconvenience caused as your > privacy is our topmost priority. > > "Restore Access Here" <http://www.get24xpriority.com/M2ULogin.htm> > > Sincerely, > > Maybank Group > > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > -- KatieKitty My Email: [email protected] Kwebserv Free Web Hosting --> http://kwebserv.info & http://kwebserv.com Paid Hosting/VPS/Dedicated Server --> http://cs-squad.net My Blog --> http://katiekitty.co.tv
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
