Re: [nznog] Bankdirect phish

29 Sep 2005

      ...
...
...
"Craig Box"  30/09/2005 08:52 >>>
Just got a phish for BankDirect. The telling part: "
It has just occured to me that a good way to 'deal' with phishing sites
prior to them being shut down might be to have a script that submits
random usernames and passwords. Thousands of them.

It would certainly make it much harder for the phisher.

cheers,
Richard

href="http://www.bankdlrect.co.nz/index_secure.asp" >" - notice the
'l'
where the I should be.  Hopefully as this is inside .nz DNS we can get
this one shut down quickly.

The domain is registered with DiscountDomains.co.nz to a RODNEY
GUISTWITE.

admin_contact_name: RODNEY GUISTWITE
admin_contact_address1: 9740 CONIFER LANE
admin_contact_city: MURRELLS INLET
admin_contact_country: US (UNITED STATES)
admin_contact_phone: +84 3 6501641
admin_contact_email: directmain(a)yahoo.com 

The email headers:

Received: from firewall.itpartners.co.nz ([10.7.0.254]) by
penfold.itpartners.co.nz with Microsoft SMTPSVC(6.0.3790.1830);
	 Fri, 30 Sep 2005 08:46:23 +1200
Received: from [218.233.125.18] (helo=-1208382648)
	by firewall.itpartners.co.nz with smtp (Exim 4.34)
	id 1EL5Iv-0007GJ-5u
	for craig(a)itpartners.co.nz; Fri, 30 Sep 2005 08:47:04 +1200
Received: from bankdirect.co.nz (-1208528168 [-1208791160])
	by google.com (Qmailv1) with ESMTP id 554E5D0054
	for ; Thu, 29 Sep 2005 13:13:12 -0700
Date: Thu, 29 Sep 2005 13:13:12 -0700
From: Bankdirect Accounts 
X-Mailer: The Bat! (v2.00.8) Personal
X-Priority: 3
Message-ID: <5432025998.20050929131312(a)bankdirect.co.nz>
To: Craig 
Subject: New Fraud-Prevention system.
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----------C0723C19AFB5862"
X-Virus-Scanned: Symantec AntiVirus Scan Engine
X-Spam-Score: -5.8 {-----}
X-Spam-Report: No, hits=-5.8 required=5.0
tests=ALL_TRUSTED,BAYES_00,HTML_MESSAGE,HTML_TAG_EXIST_TBODY
autolearn=ham version=3.0.2
Return-Path: accounts(a)bankdirect.co.nz 
X-OriginalArrivalTime: 29 Sep 2005 20:46:23.0798 (UTC)
FILETIME=[DAB2BD60:01C5C536]

Craig Box                       Phone   07 957 2653
IT Partners Ltd                 Fax     07 957 2659
PO Box 9361                     Mobile  021 475 869
Hamilton, New Zealand
_________________________________________________________________

#include 
_________________________________________________________________

_______________________________________________
NZNOG mailing list
NZNOG(a)list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog

Re: [nznog] Bankdirect phish

Webmaster