|
Date Reported: 8th February 2010 |
Risk Level: MEDIUM |
|
|
|
|
|
Email Subject: |
possible fraudulent transaction occurred |
|
Apparent Sender: |
VISA |
|
Return Address: |
Not found |
|
Email Format: |
HTML |
|
URL of Web Content: |
http://sessionid_QCYRA3FCJ3T.cforms.visa.com.udasw y.cz/secureapps/vdir/cholderform.php?ref277454272 50763919556234623630736700644671524615887291449594 86720795329&email=gerard-seibert@seibercom.net |
|
Anchor text of URLs: |
1) http://sessionid_QCYRA3FCJ3T.cforms.visa.com/ secureapps/vdir/cholderform.php?refi459086513 772662102155782935335961&email=gerard-seibert @seibercom.net |
|
Location: |
Location not available |
|
Scam number: |
7755-101813-324528 |
|
Comments: |
- Email asks you to confirm/update/verify your account data at VISA by visiting the given link. You will be taken to a spoof website where your details will be captured for the phishers.
- VISA never send their users emails requesting personal details in this way.
- The anchor text appears as a legitimate URL, but don't be fooled - clicking on it will take you to a phishing site!
- The spoof website this email links to was not online at time of this report, but variations of the scam which link to working websites are bound to exist, so be wary! The website may have been taken down or disabled by the hosts, but quite often these websites are hosted on the personal computer of the phishers, so may only be online at certain times.
|
|
|
|
|
|
|
|
|
Dear VISA card holder,
A recent review of your transaction history determined that your card was used at an ATM located in Oman, but for security reasons the requested transaction was refused. You need to complete the VISA Card Holder Form. You can do this by clicking the link below:
HTTP://SESSIONID_QCYRA3FCJ3T.CFORMS.VISA.COM /SECUREAPPS/VDIR/CHOLDERFORM.PHP?REFI45908651 3772662102155782935335961&EMAIL=GERARD-SEIBER T@SEIBERCOM.NET
VISA Cards Support
|
|
Click for full size image |
|
Website: |
|
|
|
|
Website was not online when we checked. It returned the error 400 |