| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <405CC69A.7050901@nbnet.nb.ca> From: smenard at nbnet.nb.ca (Steve Menard) Subject: Another false Citibank e-mail...a new phishing? Christian wrote: > Elia Florio wrote: > >> I receveid this bad-spoofed-Citibank e-mail, >> which points to a PHP page which ask for credit card >> number..........and stole it!!! >> Is it the next phishing e-mail ? >> The link points to http://218.36.71.193:443/citi/ > > > i tried http://218.36.71.193/ then, this seems to be the home of > www.sk.com (from FAQ: What is SK? > SK is Korea?s fourth largest conglomerate and one of the leading > business organizations in Asia...) > > someone has set up a 2nd Apache on :443 (!SSL), and created /citi to > phish credit card numbers?? > > Christian. Nope. Just More misdiredction by the miscreants try the url http://218.36.71.193:443/test.php The requested URL /test.php was not found on this server. ------------------------------------------------------------------------ Apache/1.3.6 Server at proxyegana.goldpfeil.de Port 80 [stm@rp2]$ nslookup www.sk.com Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 192.168.8.1 Address: 192.168.8.1#53 Non-authoritative answer: Name: www.sk.com Address: 64.227.233.29
Powered by blists - more mailing lists