| Summary |
| Email title: |
"Credit Card Request from Federal
Deposit Insurance Corp." |
| Scam target: |
Credit card owners |
| Email format: |
A HTML email |
| Sender: |
securehq@fdic-secure.com
|
| Sender spoofed? |
Yes |
| Scam call to action: |
"we launched a new service dedicated
for those who wish to secure their credit cards against
fraud and to be part of a secure online transaction
network... shopp cheaper and safer for one month with
no charges" |
| Scam goal: |
Getting victim's credit card information |
| Call to action format: |
URL link |
| Visible link: |
http://fdic-secure.com/application.htm |
| Called link : |
http://fdic-secure.com/application.htm
|
| Resolved site: |
Domain does not exist |
|
| |
| E-mail |
The e-mail looks like quite an innocent announcement.
Of course, the "Hello there" greeting looks suspicious,
but overall it looks quite harmless. The interesting thing
here is that the message does not threaten, but tries to
lure you, like the spammers do. Of course, there is the "too
good to be true" factor present, but the policy described
does not sound incredible. The occasional spelling mistakes
should also ring a bell.
|
_email.jpg) |
| |
| Web Site |
| Visible link: |
http://fdic-secure.com/application.htm |
| Called link : |
http://fdic-secure.com/application.htm
|
| Resolved site: |
Domain does not exist |
|
There could be a number of reasons for the phish message
to redirect to an unexisting domain. Maybe this message
is just a trial for the real attack to commence later (behavior
noticed in spammers, but not in phishers so far). Or the
message was redirecting to an IP in an early phase of the
phish wave, and then the IP was removed, etc.
|
