Today I got an email in my Gmail spam box with sender name "Maybank" (one of the online banking I use) and title "You have 1 new security alert". Sender with this email "jamfiddl@aol.com". I know what is a phishing email, but out of curiosity, I went to click on the link.
It looks like exactly the real MaybanktoU.com! I went on to fill in some bogus information, WAHAHAHAHA, the fler should get some surprise today. :P
the link: http://cyberconceptsng.com/libraries/geshi/M2ulogin.do/Access.htm
Please educate your family or friends or even strangers, do not response to email from bank unless you verified with the bank. Do not call the phone number in the email as well, they probably setup it so that they can fools you. Call to the bank real number, visit the official website of the bank.
Also if you find any of these phishing emails/links, please notify the bank.
For Maybank:
https://www.maybank2u.com.my/mbb/m2u/common/mbbPhishingReportForm.do
Let me know other banks' website for reporting phishing, I will add it here :)
Update:
I got a few more of the phishing sites:
http://www.odsvarme.dk/media/M2ulogin.do/Access.htm
http://empirestatemodelmariners.com//Members/M2ulogin.do/Access.htm
http://www.maybank2u.com.my.safeland.gr/mmb/m2u/common/M2ULogin.htm?action=Login
http://empirestatemodelmariners.com/faq/M2ulogin.do/Access.htm
http://www.ecchidreams.com/images/M2ulogin.do/Access.htm
http://www.tsurinews.co.jp/uploads/thumbs1/M2ulogin.do/Access.htm
This attack was actually done from my domain and the malicious files have been deleted, any ideas how they must have gotten access and any security tips on avoiding such occurrence(it's a joomla site).
ReplyDeletePlease, your input will be appreciated for the benefit of site owners that have fallen victim and does that a being targeted by this mischief makers.
One of the domains you listed is also my site. We were hacked and the files were uploaded without our authorisation on to the server. As soon as we found out, I removed the files, and changed all the passwords. It was a pretty big security breach.
ReplyDelete