[Owasp-Malaysia] [SPAM] Re: Fwd: Alert: Your Account Was Revoked

Katie Kitty admin at flamehaze.info
Thu May 13 20:13:36 EDT 2010


been suspended a lot these kinds of websites in my hosting, lol
most of them are harvesting the username and password straight from the 1st
page.
the username and password form is actually a mail form, and it will send the
infos directly to the email of the phisher, or maybe just an email for the
harvest results.

anyway, there is some very significant difference between the real site and
the fake site.
non of these fake sites is on https.
been seen 1 that is very interesting, if u din see properly, u might get
tricked.
its domain is something like this:
http://www.maybank2u.com.my/mbb/m2u/common/M2ULogin.do?action=Login/something.something.something
.*thefakedomain.com*

sometimes it is really hard to identify if we din see until the end of the
URL.


On Wed, May 12, 2010 at 10:29 AM, Amir Haris Ahmad <amir at localhost.my>wrote:

>
>
> ---------- Forwarded message ----------
> From: Maybank Group <update at m2u-alert3.com>
> Date: Wed, May 12, 2010 at 7:34 AM
> Subject: Alert: Your Account Was Revoked
> To:
>
>
>  Maybank Alert #8021
>
> Dear Maybank Customer,
>
> Your Maybank account has been revoked for security reasons after we
> discovered some security problems in your account. You are hereby required
> to immediately restore your account as revoked accounts will be terminated
> till further notice. We are sorry for any inconvenience caused as your
> privacy is our topmost priority.
>
> "Restore Access Here" <http://www.get24xpriority.com/M2ULogin.htm>
>
> Sincerely,
>
> Maybank Group
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>



-- 
KatieKitty
My Email: admin at flamehaze.info

Kwebserv Free Web Hosting --> http://kwebserv.info & http://kwebserv.com

Paid Hosting/VPS/Dedicated Server --> http://cs-squad.net

My Blog --> http://katiekitty.co.tv
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20100514/0dff9653/attachment.html 


More information about the Owasp-Malaysia mailing list