Phishing database I
Phishing responds to a purely criminal activity, part of the circuit that drives the illegal business of crimeware, designed to steal money using the sensitive and private information from users that criminals obtained through non-sacred activities.
Therefore, as a preventive measure, it's important not to allow access to the domains that host usually banks cloned pages, webmail and any other Internet service through a process that requires authentication.
To that end, born Phishing database, a compendium of fraudulent domains for implementing a plunger of phishing, which can be used to create the block lists.
Therefore, as a preventive measure, it's important not to allow access to the domains that host usually banks cloned pages, webmail and any other Internet service through a process that requires authentication.
To that end, born Phishing database, a compendium of fraudulent domains for implementing a plunger of phishing, which can be used to create the block lists.
Wachovia Corporation
http://www.stc.lk/it/home/online.wachovia.com/accountupdate/AuthService.php?action=presentLogin&url=https%3a//onlineservices.wachovia.com/NASApp/NavApp/Titanium%3faction%3dreturnHome (96.30.15.196) -
PayPal
h**p://aurelie-et-arnaud.me/img/paypal/verify/login.php (213.186.33.87) -
h**p://www.yvescochet.net/.secure.paypal.fr/verified_by_paypal/webscrcmd=_login-run/cgi-bin/_login/ (213.186.33.2) -
h**p://dz-tero.com/paypal/ (74.217.128.53) -
h**p://www.paypal.com.0ytyz0oxg18bu.124nruo3kb3j903ers01.com/cgi-bin/webscr/?login-dispatch&login_email=unnimay@aol.com&ref=pp&login-processing=ok (195.56.18.126) -
Hungaryh**p://www.124nruo3kb3j903ers01.com/cgi-bin/webscr/ (195.56.18.126) -
h**p://www.syrianaction.com/data/.confirm/paypal/ (88.198.217.51) -
h**p://www.paypalcomservupdate.intl-paypal1.com/us/cgi-bin/?cmd=_login-run (218.36.124.140) -
h**p://ukghd.com/images/www.paypal.com/cgi-bin/webscr.htm?cmd=_login-run (85.192.32.211) -
h**p://203.101.73.204/www.paypal.com.au/security/cgi-bin/webscr.htm?cmd=_login-run -
h**p://52274548.es.strato-hosting.eu/lol/webscr.php?cmd=LogIn (81.169.145.81) -
h**p://www.kules.knows.nl/cgi/ (91.121.2.117) -
h**p://lejournalduthesard.info/help/css/update/online-information/fr/verefication-compte/online-update/webscr.php?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f84f1036d8f209d3d19ebb6f4eeec8bd0e57b2ad7d754c297ea32a3580bcf6dcb357b2ad7d754c297ea32a3580bcf6dcb3
h**p://208.101.19.98/~mikorg/ -
h**p://iwww.cz.cc/PayPal.fr/paypal/fr/webscr.php?cmd=_login-run&dispatch=5885d80a13c0db1f998ca054efbdf2c29878a435fe324eec2511727fbf3e9efc0779736997661668caf8ff5d99e81fe40779736997661668caf8ff5d99e81fe4
eggh**p://www.luxor2020.com/about/files/Image/jpg/txt/neweggcom/security/customer/index.html (207.210.125.219) -
CUA
h**p://www.zoi-creation.com/customers.cua.com.au/webbanker/CUA/2/notice.htm
h**p://www.zoi-creation.com/customers.cua.com.au/webbanker/CUA/ (93.184.35.226) -
HSBC
h**p://cmodz-hosting.com/upload/cache/IBlogin.html (66.102.237.82) -
h**p://www.w650-france.com//forum/modules/index.html (213.186.33.4) -
h**p://www.ifsb.co.kr/bbs/data/guest/gold/folder/folder/New%20Folder/United2/Folder/Folder/Folder/Folder/Folder/Folder/Folder/empty/empty/empty/United2/United/United/United/HSBC/index.html (210.102.34.17) -
h**p://dodongminhhien.com/modules/pib-home/2/1/personal/hsbc.co.uk/IBlogin.html (203.113.173.20) -
eBayh**p://rahasiabisnis21.com/_space/apache_module.php (202.69.111.58) -
h**p://www.ebay.motors-cgi-items.com/cars-trucks_2003-BMW330I_W0QQitemZ15982632345413QQihZ012QQcategory-cars-trucksZ21983317QQssPageNameZWDVWQQrdZ1QQcmdZViewItems/index2.php (69.147.83.187) -
h**p://190-13-160-211.bk14-ipfija.surnet.cl/.ws-cgi/index.php -
h**p://7beginnings.com/~sothebys/assets/profile/ws/login.html (203.211.129.222) -
JPMorgan Chase Bank
h**p://7beginnings.com/~sothebys/assets/profile/auth/secure/chase-sec/onlinebanking.chase.com=logon_confirm/ (203.211.129.222) -
In this case, in the same living space there is a breach against eBay phishing and another against JPMorgan Chase Bank in the IP address 203.211.129.222. The site is controlled by a shell in php call !islamicshell v. edition ADVANCED!.
The truth is that in addition to web upload cloned, the attacker can quietly, such as spreading malware of any type hosted on the server which hosts the site, including (a very common and which tend to be used the shell php) defacing.Lloyds TSB Bank
h**p://www.ifsb.co.kr/bbs/data/guest/gold/folder/folder/New%20Folder/United2/Folder/Folder/Folder/Folder/Folder/Folder/Folder/empty/empty/empty/United2/United/United/United/Lloyds/customer.php (210.102.34.17) -
Barclays
h**p://www.ifsb.co.kr/bbs/data/guest/gold/folder/folder/New%20Folder/United2/Folder/Folder/Folder/Folder/Folder/Folder/Folder/empty/empty/empty/United2/United/United/United/Barclays/LoginMember.login.htm (210.102.34.17) -
Canada Revenue Agency
h**p://221.134.144.147/cra-arc.gc.ca/esrvc-srvce/tx/ndvdls/myrefund/getStatus_en.htm
Poste italiane
h**p://fgewfgewdfsa.pochta.ru/posste.html (82.204.219.221) -
h**p://mesagio-postepay.xaker.ru/postpayleg-clientesdasdhit.html (194.67.36.117) -
Abbey
h**p://www.velositas.com/update/myonlineacounts2.abbeynational.co.uk/Logonaction=prepared/Logonaction=prepare/ (75.126.202.209) -
Jorge Mieres
4 comentarios:
The information is threatening . I don't understand the technical detail but realize the importance of taking preventive measures. I will highlight the topic in computer forum.
Thanks bro! :)
Browsers should integrate the functionality of the Mozilla Firefox FlagFox Add-On. This way, users can see in which country the website is located, which reduces the chance they fall for the scam.
Usually the discussion about this subject is about user awareness. I think the discussion should also about the amount of intelligence available to the user to assess whether a remote website can be trusted.
Empower the users by offering them the intelligence they need, so they become more aware ?
http://www.paypal-hi.com/nls/?cgi-bin/webscr?cmd=_login-run
Post a Comment