|
Date Reported: 8th February 2012  |
Risk Level: MEDIUM-HIGH |
|
| |
 |
 |
| |
Email Subject: |
Alert message: Recent suspicious login attempts |
|
Apparent Sender: |
Santander Bank |
|
Return Address: |
Plcnotice@santander.co.uk |
|
| Email Format: |
HTML |
| |
URL of Web Content: |
http://halifax.nazuka.net/csgs_Satellite_canal_CAB
BEYCOM_1237889419188_cidAgrup_845616358929450_Abbe
ycom_leng_en_GB_pagename_Abbeycom_PageWC_ACOM_Home
_posSel_1/
|
|
Anchor text of URLs: |
1)
https://retail.santander.co.uk/LOGSUK_NS_ENS/
BtoChannelDriver.ssobto |
|
Location: |
AMSTERDAM, OHIO, UNITED STATES |
| |
Scam number: |
19813-322416-706916 |
| |
Comments: |
- Email asks you to confirm/update/verify your account data at Santander Bank by visiting the given link. You will be taken to a spoof website where your details will be captured for the phishers.
- Santander Bank never send their users emails requesting personal details in this way.
- The anchor text appears as a legitimate URL, but don't be fooled - clicking on it will take you to a phishing site!
|
| |
|
|
|
 |
| |
|
| |
X-Originating-IP: [71.246.8.162]
Reply-to: notice@santander.co.uk
Message-id:
0LZ200C8QK5M7EL0@vms169121.mailsrvcs.net
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE
V6.00.2600.0000
X-Mailer: Microsoft Outlook Express
6.00.2600.0000
Content-type: text/html; charset=Windows-1251
Content-transfer-encoding: 8BIT
X-Priority: 3
X-MSMail-priority: Normal
X-Declude-Spoolname: 267685359.eml
X-Declude-RefID:
Original-recipient: rfc822;mbd7@gte.net
...
|
|
Click for full size image |
| |
| Website: |
|
|
| |
|
Click for full size image |
