Date Reported 25th January 2005 |
Apparent Sender Regions Bank
Return Address email@example.com < firstname.lastname@example.org >
Subject Regions Online Banking Notification
Method Spoof email links to a spoof webpage where victim is prompted to enter their details believing the site is genuine. Details are then forwarded to a local script and captured.
Bogus Web Content? Yes
URL of web content http://188.8.131.52/.regions/
RISK LEVEL MEDIUM
WARNINGS 1. Email claims to be from Regions asking you to confirm your account data by clicking on the link. You will be taken to a spoof login page where your details will be captured by the phishers.
2. Regions never send users emails requesting details in this way.
3. URL disguised as https://secure.regionsnet.com/EBanking/logon/user - Looks secure (https) but it isn't!
4. Real URL obviously not Regions.
4. Website traced to Brazil.
" We recently reviewed your account, and suspect that your Regions Bank account may have been accessed by an unauthorized third party . "
If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.