|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Another false Citibank e-mail...a new phishing?
From: Steve Menard (smenard
nbnet.nb.ca)
Date: Sat Mar 20 2004 - 16:32:58 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Christian wrote:
> Elia Florio wrote:
>
>> I receveid this bad-spoofed-Citibank e-mail,
>> which points to a PHP page which ask for credit card
>> number..........and stole it!!!
>> Is it the next phishing e-mail ?
>> The link points to http://218.36.71.193:443/citi/
>
>
> i tried http://218.36.71.193/ then, this seems to be the home of
> www.sk.com (from FAQ: What is SK?
> SK is Korea’s fourth largest conglomerate and one of the leading
> business organizations in Asia...)
>
> someone has set up a 2nd Apache on :443 (!SSL), and created /citi to
> phish credit card numbers??
>
> Christian.
Nope.
Just More misdiredction by the miscreants
try the url
http://218.36.71.193:443/test.php
The requested URL /test.php was not found on this server.
------------------------------------------------------------------------
Apache/1.3.6 Server at proxyegana.goldpfeil.de Port 80
[stmrp2]$ nslookup www.sk.com
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 192.168.8.1
Address: 192.168.8.1#53
Non-authoritative answer:
Name: www.sk.com
Address: 64.227.233.29
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]