| Summary |
| Email title: |
"Your AOL Account....." |
| Scam target: |
AOL customers |
| Email format: |
A text email |
| Sender: |
service@aol.com
|
| Sender spoofed? |
Yes |
| Scam call to action: |
"...to enjoy your AOL experience
and keep your account active,
you must enter new, *valid* credit card information..." |
| Scam goal: |
Getting victim's AOL username/password;
credit card information (number, PIN, bank, etc.),
and personal information - address, e-mail, phone,
driver's licence number, etc. |
| Call to action format: |
URL link |
| Visible link: |
http://www.aolaccountupdate.com |
| Called link : |
http://www.aolaccountupdate.com
|
| Resolved site: |
http://www.aolaccountupdate.com |
|
| |
| E-mail |
This e-mail looks quite innocent. It looks like a message
about some small-time e-bay auction, that many people are
likely to participate in. It looks quite plain, with just
a single eBay logo on it. Yet, a lot of variations of these
messages are spread, and that makes the attack potentially
more harmfull.
The link on the message also looks legitimate .
|
_email.jpg) |
| |
| Web Site |
| Visible link: |
http://www.aolaccountupdate.com |
| Called link : |
http://www.aolaccountupdate.com
|
| Resolved site: |
http://www.aolaccountupdate.com |
|
When you click the link, a special window opens:
|
| |
_site2.jpg) |
This is one of the many efforts the site will make to
persuade you in its authenticity.
Then, the phish site itself opens:
|
_site.jpg)
|
The site uses the same style and pictures/fonts as the
AOL site. The links on the navigation bars are authentic
- they lead to the legitimate AOL site. The links that
lead to other HTMLs on the phishing site are obscured
in the status bar. The page throws in explanations of
how safe it is, trying to convince you in its authenticity,
and to mimic AOL as much as possible. But you should
notice that there is no browser indication of being in
a secure connection, contrary to what the site says.
The URL is a HTTP, not a HTTPS one.
|
| WHOIS Data (easy to fake): |
Domain Name: AOLACCOUNTUPDATE.COM
Registrar: TUCOWS INC.
Administrative Contact: Mann, Kristine kazaaplat@mail.com
|
|
