I think the best bit is this, from the HTML (like this on the real site, as well as the dodgy one): <!-- uncomment and edit the following line to enable link to phishing info page --> <!--a href="http://www.nbnz.co.nz/personal/waystobank/protectphishing.htm">Online Security Update: 9 June 2006</a--> Robert Hunt wrote:
heads up on a recent PHISHing attack
I guess others may have users complaining about the PHISH just arriving representing itself as the National Bank while the site collecting is http://www.ffmd.org/bilder/www.nbnz.co.nz/login.html
We've found a live chat with the web provider for ffmd.org and mailed abuse@@b-one.net who own the IP space.
Any other strategies to close an internationally hosted one like this?
-Robert
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
!DSPAM:22,4535b1c450541759412610!