Phishing and "stories" in Christmas
The end of each year represents a special relish for malicious users due to the celebration of the holidays, where, through Christmas-related lies, seek to capture the attention of users.
So from a few hours ago, a new phishing attack through spam, or spam, is flooding our mailboxes. Under the pretext of winning the lottery of Christmas, the spam appears to be issued by a company called PostFinance. The appearance of spam is as follows:
However, when you click on this second link, there is a new but redirect to a site with an IP address (http://203. [REMOVED] .6/panel / [REMOVED] en.html), which presents the form above. The purpose of this is that the user enters personal information that can be used to commit fraud.
If we compare both pages, the real and fake, we see that there are differences between them, but, viewed by a user who does not know these methods of deception, the fraudulent scheme may be effective for the attacker.
As can be seen in the capture, phishing has two more fields of data, email address and telephone number. The main objective of this is that the attacker, in one instance get all the information you need to then commit fraud.
It is clear that the techniques of deception and fraud are increasing and there for everyone, however, it is important that we know how to identify and avoid falling into traps how are you, especially on important dates such as Christmas is where many we tend to shop online.
UPDATE 19:30pm: apparently, the IP address 203. [DELETED] 149 belongs to an Internet service provider in Pakistan called Supernet. In contrast, the second address, 203. [REMOVED] .6 (where it is hosted the fake site) would be under the Ministry of Education of Thailand.
IP 203. [DELETED] 149
SuperNet NetBlockAdmin
10th Floor, Tower B,
75,600 Karachi, Pakistan.
IP 203. [REMOVED] .6
MINISTRY OF EDUCATION
319 Thanon wangchankasem Ratchadamnoen-nok Dusit Bangkok
THAILAND 10,300
Jorge Mieres Ver más