SecurityIntelligence is another division of MalwareIntelligence that focuses on aspects related to Information Security. The proposed content related to security issues and aspects relating to the management and administration of an information environment.

February 16, 2010

Phishing database II

Financial & Banking Institutions 

Bank of America
http://i37.tinypic.com/1zo957a.jpg
http://i35.tinypic.com/20tp4t0.jpg
Banco do Brasil
http://www.ricklegrandphotography.com/own/index.htm?portalbb
BBVA
http://87.225.254.21/vendors/shells/templates/verificacion/index.html

HSBC
http://www.silverstoneincense.com.au/IBlogin.html
http://www.buyitdirect.co.nz/images/indexx/hsbc/1.php?jsessionid=CAM10:jsessionid=0000RcSVT4vYF7HNB8AsppR8HRo:11j71fovq?IDV_URL=hsbc.MyHSBC_pib
http://delthelboi.net/COsutmer/COsutmer/hsbc/1.php?jsessionid=CAM10:jsessionid=0000RcSVT4vYF7HNB8AsppR8HRo:11j71fovq?IDV_URL=hsbc.MyHSBC_pib
http://woorizip1004.net/zboard/icon/IBlogin.html
http://www.ceipmiraflores.com/inc/ceip/IBlogin.html
http://www.lbirelandftp.com/e-card/IBlogin.html
http://www.galilee.cc/zeroboard/data/rr/CAM10.php?idv_cmd=idv.Logoff&nextPage=IDV_CAM10_AUTHENTICATION=2178611a6f5b6d7d722eacaa9c0a1f52LogonBy=Connect2178611a6f5b6d7d722eacaa9c0a1f52
http://www.officeresourcegroup.com/_analog/hsbc.co.uk/IBlogin.html
http://host24-128-static.39-79-b.business.telecomitalia.it/.personal/www.HSBC.Co.Uk/1/2/1.php?jsessionid=CAM10:jsessionid=0000RcSVT4vYF7HNB8AsppR8HRo:11j71fovq?IDV_URL=hsbc.MyHSBC_pib
http://www.officeresourcegroup.com/_analog/hsbc.co.uk/1/2/IBlogin.html
http://www.sinhvienqb.com/gallery/images/admin/IBlogin.html
http://egg-inter.com/upload/www.hsbc.co.uk/1/IBlogin.html
Poste italiane
http://gerfdsafsd.pochta.ru/posste.html
http://vaguematch.com/ioncube/_/https/www.poste.it/bancoposta/online/_private/bpol/CARTEPRE/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid=
http://www.postevita.it/postevitaTFR.fcc?TYPE=33554433&REALMOID=06-bed2d688-fca1-10a2-bc8e-8392a717ff3e&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$ZEj9fNrjJTQ1UbgR9hbQoqbSyCYN9lBONkWfqG8%2fz9C7F9%2bG8tRBmA%3d%3d&TARGET=$SM$http%3a%2f%2fwww.postevita.it%3a85%2fgestionetfr%2findex.shtml
CartaSi
http://aviso-utente.rbcmail.ru/utente-cartaSI.html
ABSA
http://www.technicalconsultants.gr/images/oziogallery2/ib.html
HaliFax
http://www.lechateauedizioni.it//components/com_performs/halifax_mail_form/index.php

Regions
http://www.lbirelandftp.com/content/Regions/Regions/
CUA (Credit Union Australia)
http://www.cua-web-banker.com/098237409823749802378905/
Citigroup
http://www.naturalcurves.com//wp-content/themes/blueberry-boat/online-citi-cards/citi%20card/citi%20card/update.html

CajaMadrid
http://oi-cajamadrid.com.es/CajaMadrid/oi/pt_oi/Login/

Orange
 http://92.243.8.56/Orange/info-online-verification.php
http://adminpanel.net/xcart/images/cartpictures/http-id.orange.fr-auth_user-bin-authNuser.cgidate=1266009664=skey=3a347076d2326ec771ebe84a8de131fc=service=communiquer=url=http:webmail1eb.orange.fr*webmail*fr_FR/

VISA
 http://alerts.cforms.visa.com.rep021.kr/secureapps/vdir/cholderform.php
http://92.243.8.56/VerifiedByVisa/visa/error_info.php?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f84f1036d8f209d3d19ebb6f4eeec8bd0ef1b64e562942814a64d80bf24862819bf1b64e562942814a64d80bf24862819b?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f84f1036d8f209d3d19ebb6f4eeec8bd0ef1b64e562942814a64d80bf24862819bf1b64e562942814a64d80bf24862819b

MasterCard
http://www.roxanalatorre.com/panel/mastercard/


Electronic Commerce
PayPal
http://74.86.158.3/~bigbigca/uc/Activation/paypal/
http://french-kiss.org/~o103594/paypal.com/wwwpaypalcompaypalloginukusupdateinfo/webscr.php?cmd=_login-run&dispatch=2e310e6fd3c468fe3657669af990d4912e310e6fd3c468fe3657669af990d491
http://exorh.com/~o103594/paypal.com/wwwpaypalcompaypalloginukusupdateinfo/webscr.php?cmd=_login-run&dispatch=2e310e6fd3c468fe3657669af990d4912e310e6fd3c468fe3657669af990d491
http://calvarychapelabuja.com/users/barbara/account/?cmd=_login-run
http://adcomphelp.com/tutorials/cam/paypal.com/fr/cmd=_registration-run/webscr.php?cmd=_login-run&dispatch=9cf470a1ba43eb481569e296a16bd15d9cf470a1ba43eb481569e296a16bd15d
http://aempresarial.com/admin/www.PayPal.Com22/webscrcmd=_login-done&login_access=1190737782.htm
http://paypol.tk/fr/
http://is250.internetdsl.tpnet.pl/FRS/
http://office.supportacct.operaunite.com/webserver/content/?cmd=_login-run&session-redirect=noCookie
http://www.yoville.justfree.com/
http://www.anassoft.net/webscr.php
http://paypal-ag.de/see/
http://www.coinentertainment.com/images/www.paypal.com/management/financial/login.html
http://paypal-uk.webcindario.com/
eBay
http://rahasiabisnis21.com/_space/apache_module.php?customerid=hemi2u2@yahoo.com&co_partnerId=2&siteid=0&ru=&PageName=login_run&pp=pass&pageType=signin.ebay.com.ws.eBayISAPI.dll.fxHVPoQCOORAlDQoKlPMCP
http://webproxy.go2myspace.com/sell.ebay.ie/ws/eBayISAPI.dll?SellItem
http://www.vietwebdisk.com/signin.ebay.com/ws/eBayISAPI.dll?SignIn&ru=www.ebay.com
http://cosmo.genusis.com/images/icons/eee/login.html#ws/eBayISAPI.dll?SignIn&ru=http://www.ebay.com/
http://sangelecaiolor.czechian.net/polaris-rzr-W0QQitemZ250328176800QQcmdZViewItemQQptZ-logan-hash0item3a48b8d8a00_trksidsp32860c0023/z.php
http://personal-pontoon-ebay.xf.cz/2006%20Lowe%20SUNCRUISER%20BIMINI/ebaymotorsW0QQitemZ180405328696QQcmdZViewItemQQptZboat_pontoonhash=item2a00fedb38&_trksid=p4/index.php
http://www.normans.dk/catalog/images/AllinformationfromWHOISserviceisprovided.html

File Hosting
MegaUpload
http://www.nakudashi.blors.com/Akina/?active.to=http://www.megaupload.com/?c=login&next=d%3DPV1ZQAIJ
http://www.sweetlife.iamspace.com/jav/asia.htm
http://www.karina.blors.com/Sasaki/Studio.htm?to.url=http://www.megaupload.com/?d=RZXZ8YZ5
http://www.nakudashi.blors.com/Akina/
http://www.cocomisakura.blors.com/Sakura/cool.htm?url.active=http://www.megaupload.com/?d=HWDZS4OM
http://www.shokoakiya.blors.com/Akiyama/asiacool.htm?url.active=http://www.megaupload.com/?d=5Y6402AH
http://www.ramunagasuki.blors.com/asia/
Rapidshare
http://raapidshare.ugu.pl/premiumzone.php
http://rapidshare-premium2011.tk/
http://rs786.t35.com/logon.php
http://rapidshare-premium2011.tk/

Social Networking
Facebook
http://www.rep021.kr/usersdirectory/LoginFacebook.php
YouTube
http://youtube-view-all.tk/

Telephone services & others

Walmart
http://75.32.55.145/walmart/actpatriot/walmart/details.html
Telcel
http://itelcel.byethost13.com/home_telcel/?_ideastelcel2010&_servlet_Controller_EVENT=RECARGA_PROMOCION&rnd=0.15117657
http://www.rosalux.org.mx/logs/cgi_bin-ssl/com_notes/register2.html
Kijiji
http://kijiji-ca.wz.cz/cSignInrups-ConfirmAccount-ruq-re-direct&Dwws.html


WebMail
Windows Live Hotmail
http://www.windowslivemail.tk/
http://so7ba7elwa.ibda3.org/
http://itelcel.byethost13.com/msn.html
https://www.windowslive.co.uk/hotmailstories/

En este caso, en el mismo servidor se aloja otro phishing pero hacia la compañía Telcel, y se almacena toda la información robada: la relacionada a las tarjetas de crédito (correspondientes a TelCel) y las credenciales de acceso al webmail de Microsoft. Además de la descarga de un falso Windows Messenger 2010 que es un malware. A continuación se observa una captura del almacenamiento de credenciales.

Online Games
World of Warcraft
http://www.blizzard-account-review-blizzard.com/
http://us.bettls.net/login/login.htm?ref=https://www.worldofwarcraft.com/account/&app=wam
Tibia
http://clanprem.atspace.com/
http://clanbrazukas.atspace.com/
http://clandemonsforlite.atspace.com/
http://clanakimichi-join.atspace.com/

Related Information

Jorge Mieres

0 comentarios:

Post a Comment