Another incidence of address bar spoofing ...
We are faced with another incidence of Address Bar Spoofing in
this phishing scam which involves a spoofed Fleet Bank email (see below) which
links to a forged homelink.fleet.com page (see image below).
The whole address bar area of the forged page is built using
HTA, HTML, JavaScript and images with text for the URL. You will notice in the
example below that some of the images are missing and this is due to a syntax
error in the page code. See also this similar Citibank
Phishing Scam, and our recent press release concerning
Address Bar Spoofing to learn more.
If you have received this email, please remember that it is very
common for these email scams to be redistributed at a later date with only slightly
different content or the same but with the fake page(s) hosted by a different
provider. Also, once you have received one of these hoaxes, it is also common
place to receive at least another one and usually a day or two after the first,
although not necessarily from the same apparent sender. The Spoof Email ...
Dear
FleetBank Member,
This email was sent by the FleetBank server to verify your e-mail
address. You must complete
this process by clicking on the link below and entering your FleetBank ATM/Debit
Card number and PIN that you use on ATM. This is done for your protection because
some of our
members no longer have access to their email addresses and we must verify it.
This is to prevent
any type of online fraud .FleetBank is made to protect your identity online.
To verify your e-mail address and protect your FleetBank account,click
on the link below. If
nothing happens when you click on thelink (or if you use AOL), copy and paste
the link into the
address bar of your web browser.
http://onlinebanking.fleet-bank.net/login.htm
Thank you for using Fleet Bank
The
bogus web page ... |