The natwest are becoming regularly featured as victims in these pages, and this particular variant was last reported in November. Amusingly, the phisher involved as left the same copyright date on!This time the target URL is http://wvps212-241-211-79.vps.webfusion.co.uk/nwolb.com/default.aspxrefererident=[removed]8&cookieid=[removed]&noscr=true/secure.php, who are probably not yet aware of what they are being used for. As with the recent Natwest emails, it uses the double referrer id / cookie id in the tracking.
It's also sent to 1 email at a time and is quite prolofic - I've already received it through 4 different email addresses. It's already been sent to the NatWest for them to deal with.
Here's the content:
• Automated Security Notice
• As part of our security measures, We believe that, in everything else, you deserve the best in banking too. Therefore protective measures is been applied to satisfy our striving costumer needs. Our technical service department is currently upgrading our SSL servers to enhance adequate banking security, to give our costumers a better, fast and secure online banking service. We noticed several unsuccessful login attempts and therefore have decided to temporarily restrict your online access. To regain access to your online banking Please click on • Online Banking Logon to continue the verification process. • (Failure to verify your Online Access service changes will lead to account disconnection)
Thank you.
Online Banking Security Team
NatWest Internet Banking.
(c)2007 All Rights Reserved
No comments:
Post a Comment