The link on the email claiming to be Bank of America was of course not. The link went to 0x3B.0x97.0x38.0x51 (59.151.56.81) and then redirected to 210.105.197.71.
http://0x3B.0x97.0x38.0x51/re.htm";>http://www.bankofamerica= .com/sas/sitekey/profile/step1.htm Getting Whois Data for 59.151.56.81. Please wait ... inetnum: 59.151.0.0 - 59.151.127.255 netname: CHINA-ABITCOOL descr: Abitcool(China) Inc. descr: Beijing, China country: CN The content of the phish is located in a directory with the name " ", just a blank space. It contains tar files for several different archives with a particular notation. I received the BankofAmerica one but there is also ebay and Citibank. The tar files are listed below with their corresponding company targets. Sitekey.tgz Bank of America [EMAIL PROTECTED] Ebay_luta.tar Ebay [EMAIL PROTECTED] cgi-scripts_luata.tar Citibank [EMAIL PROTECTED] citiver_luata.tar Citibank [EMAIL PROTECTED] citiver_luata1.tar Citibank [EMAIL PROTECTED] citibank_luata.tar Citibank [EMAIL PROTECTED] You now have phisher's emails... I'll be nice. :) -- How interesting can 0s and 1s really be?
_______________________________________________ phishing mailing list [email protected] http://www.whitestar.linuxbox.org/mailman/listinfo/phishing
