Attention all Halifax Internet banking users

Another Spoof Email and Phishing Scam report by MillerSmiles.co.uk - click this image to go to our home page.

Attention all Halifax Internet banking users
28th April 2004

please forward any scams you've received to spoof@millersmiles.co.uk

Report Summary
Date Reported	28th April 2004
Apparent Sender	Halifax
Return Address	Halifax <user-supports33@halifax.co.uk>
Subject	Attention aII Halifax Internet banking users
Format	HTML - image only
Method	clicking any where on the image leads to bogus web content which is presented as a pop-up style window in front of the genuine Halifax UK home page. Submitted form data is captured by a local script.
Bogus Web Content?	Yes
URL of web content	http://www.halifax-online.co.uk_mem_binformslogin.asp.userset.net: 4903/h/formslogin.htm (URL of the pop up style window which contains the forged form)
RISK LEVEL	HIGH
WARNINGS	1. Employs script to open the genuine halifax.co.uk home page as a backdrop to the bogus page which is opened in a pop up style window. 2. The userset.net has been used in a wide variety of Bank scams, Learn more in our Forum.

" Dear client of the Halifax Internet banking, The recent cases of the fraudulent use of clients accounts forced the Technical services of the bank to update the software "...

Another instance where forged web content is presented in front of a genuine web page giving the impression that the forgery is a pop up window generated byt he genuine page (see images below).

The forged page is heavily scripted, and users wont be able to see the genuine URL by using a right click of selecting file properties. The true URL is http://www.halifax-online.co.uk_mem_binformslogin.asp.userset.net:4903/h/formslogin.htm which resolves to an anonymous DNS service and not the Halifax Bank.

If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.

The Spoof Email ...

Attention all Halifax Internet banking users

The bogus web page (the pop up style window - in front of the genuine page - contains the forged web content) ...

Attention all Halifax Internet banking users


Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services... Email Alerts Add your email address to our email alert service... Subscribe Privacy Policy RSS News Feed Tap into our Scam Alert service using your News Reader or Aggregator (including My Yahoo!). Scam Alert News Feed You can even put the latest alerts on your own web site.

Library of Spoof Email Phishing Scams Brief guide to Phishing Full article on spoof email scams Spoof URL Checker Link Checker Browser URL Spoofing Vulnerability Check Latest browser bug aids Phishing Scams - beware!

Click the arrow to return to previous page Home Guides... Book Terminology How to identify a first edition book Auction Watcher List of the main Auction Sites world wide
<table border='0' cellpadding='0' cellspacing='0' width='120' height='243'> <!--DWLayoutTable--> <tr> <td><a href='http://www.amazon.co.uk/exec/obidos/redirect-home/millersmile09-21' target=_top ><img src="http://images-eu.amazon.com/images/G/02/associates/recommends/default_120x243.gif" width=120 height=243 border="0" access=regular></a></td> </tr> <tr> <td height="1"><img src="../spacer.gif" alt="" width="120" height="1"></td> </tr> </table>

Attention all Halifax Internet banking users 28th April 2004

Attention all Halifax Internet banking users
28th April 2004