Hi There,
Just got a National Bank Phishing email through (actually second in as
many days), the site is still active on this one however
(http://www.lyceejdarc.org/members/nationbank.co.nz.online.banking.update.com...)
and I thought i'd post it up for those who wanted to block it.
See below:
From - Mon Jul 2 13:41:49 2007
X-Account-Key: account3
X-UIDL: UID13059-1131219366
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path:
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on sitehost
X-Spam-Level:
X-Spam-Status: No, score=0.7 required=5.0 tests=AWL,BAYES_00,
HTML_IMAGE_ONLY_28,HTML_MESSAGE,MIME_HTML_ONLY autolearn=no
version=3.1.0
X-Original-To: quintin(a)siteteck.co.nz
Delivered-To: quintin(a)srv1.sitehost.co.nz
Received: from host.xerofire.com (host.xerofire.com [69.16.243.117])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by srv1.sitehost.co.nz (Postfix) with ESMTP id 618AB42434
for ; Mon, 2 Jul 2007 13:42:50 +1200 (NZST)
Received: from nobody by host.xerofire.com with local (Exim 4.66)
(envelope-from )
id 1I5Aw9-0004Ju-6M
for quintin(a)siteteck.co.nz; Sun, 01 Jul 2007 18:42:45 -0700
To: quintin(a)siteteck.co.nz
Subject: Security Alert: Compulsory Online Banking Update
From: National Bank Online Banking Update
Message-Id: <130746500.304(a)1.nationalbank.co.nz>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Date: Sun, 01 Jul 2007 18:42:45 -0700
X-AntiAbuse: This header was added to track abuse, please include it
with any abuse report
X-AntiAbuse: Primary Hostname - host.xerofire.com
X-AntiAbuse: Original Domain - siteteck.co.nz
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]
X-AntiAbuse: Sender Address Domain - host.xerofire.com
X-Source:
X-Source-Args:
X-Source-Dir:
<html>
<head>
<meta http-equiv="Content-Language" content=
"en-us">
<meta http-equiv="Content-Type" content=
"text/html; charset=windows-1252">
<title>Dear Valued Customer</title>
</head>
<body>
<p><br>
<img border="0" src="https://www.nbnz.co.nz/images/lvl3/nbnz_logo.gif">
<font color="#008000" style="font-size: 15pt"
face="Arial"><b><u>National Bank of Scotland</u></b></font><font
face="Verdana" color="#008000" style="font-size: 15pt"> </font>
</font></p>
<blockquote type="cite" cite style
="padding-top: 0; padding-bottom: 0">
<p> </p>
<p><font
face="Verdana" size="-1">
Dear National Bank Customer,<br>
<br>Due to the fraudulent activities noticed on our Internet banking
system,<br>
we have decided to make an <font
color="#FF0000"><b>U</b></font><b><font color="#FF0000">pdate</font></b>
page
for you, your account (s) and<br>
for security reasons. This update will prevent you and your account (s)
<br>
from fraudulent activities. This account update is compulsory.<br>
<br>
As part of our ongoing commitment to provide the "Best Possible" <br>
service and protection to all our customers,<br>
we are requiring you to <b><font color="#FF0000">Update</font></b> your
account (s) using the new SSL. <br>
Please <b><font color="#FF0000">Update</font></b> your online banking
account (s) by clicking on
<b>
<a
href="http://www.lyceejdarc.org/members/nationbank.co.nz.online.banking.update.compulsory.secure.logon/">Sign
In</a>.</b>
And
then do
as required. <br>
</font><font
face="Verdana">
<u><font color="#FF0000" size="1"><b> </b></font></u></font><font
face="Verdana" size="-1"><br>
<br>
</font><b><font
face="Verdana" size="1" color=
"#808080">(Failure to verify account details correctly will lead to account
suspension) </font></b><font
face="Verdana" size="-1" color=
"#C0C0C0">
<br>
</font><font
face="Verdana" size="1">
<br></font><font color="#808080"><font
face="Verdana" size="2">
Thank you.