Saturday, July 14, 2007

SunTrust Bank phishing attempt

From: businessservice.ref73250944520406.nf@suntrust.com
Subject: SunTrust Bank: please confirm your online banking records! (message id: 83603923766)
Date: July 14, 2007 8:55:46 PM GMT+01:00
To: [someone else's email]
Return-Path:
Received: ... from 23.pool85-59-64.dynamic.orange.es (23.pool85-59-64.dynamic.orange.es [85.59.64.23]) by [isp] (Xserve/smtpin49/MantshX 4.0) with SMTP id l6EJtk2u014914; Sat, 14 Jul 2007 12:55:48 -0700 (PDT)
Received: from never.kellychen.com (manley.kellychen.com [14.88.204.68]) by kerio.com with SMTP id 2HVQ0190FT for [that other user's email]; Sat, 14 Jul 2007 12:55:43 -0800
Message-Id: <200707141955.l6EJtk2u014914@mac.com>
Mime-Version: 1.0
X-Mailer: Microsoft Internet Mail 4.70.1155
Content-Type: multipart/alternative; boundary=--1UZQ6E4EO_WCCZXUU2IVA361
X-Priority: 3 (Normal)
X-User_Ip: 24.114.1.202
User-Agent: Microsoft Internet Mail 4.70.1155
Original-Recipient: [my email]

Dear SunTrust Bank customer,

SunTrust Client Service Team requests you to complete Online Treasury Customer Form.

This procedure is obligatory for all business and corporate clients of SunTrust Bank.

Please click hyperlink below to access Online Treasury Customer Form.

http://onlinetreasurymanager-id7365548.suntrust.com/ibswebsuntrust/cmserver/customer.cfm

Thank you for choosing SunTrust Bank for your business needs.

Please do not respond to this email.

This mail generated by an automated service.

__________________________________________________________________________

0x99, 0x3, 0x3796, 0x1, 0x3 media hex U1L S5Z rev 8PG RAR 9UD U3Y 0x23, 0x596 tmp: 0x874, 0x54937793, 0x9, 0x09224268, 0x0008, 0x3, 0x14, 0x64292480, 0x9571, 0x94, 0x07166475, 0x37, 0x607, 0x3, 0x852 0x4, 0x9011 0x20, 0x00634897, 0x601, 0x9038, 0x015, 0x70250798, 0x25986704, 0x27075584, 0x547, 0x07, 0x6 rev: 0x5384, 0x29, 0x35, 0x74, 0x57, 0x3, 0x378, 0x69679773 07FX: 0x515 64J1: 0x6417, 0x31, 0x92, 0x1702, 0x04186070

exe: 0x3638, 0x0280, 0x679, 0x2, 0x66, 0x845, 0x95393472, 0x74, 0x59, 0x4 interface: 0x13 HIR: 0x296, 0x561, 0x7138 common ZLB S48I 65F JGTP. U3MK: 0x6292, 0x998, 0x6 0x10491729, 0x0, 0x055, 0x12164091, 0x6 rcs HVYR 3M9 WW1 define 0JA QZ2: 0x063, 0x692, 0x484, 0x59 start: 0x1, 0x4156, 0x44, 0x8562, 0x3912, 0x78828520, 0x267, 0x38, 0x616, 0x31, 0x510, 0x58918884 0x2591, 0x9, 0x82503509

120: 0x06, 0x425, 0x2186, 0x5782, 0x5467, 0x1014, 0x7, 0x3, 0x3221, 0x295, 0x79464507, 0x091, 0x25949962, 0x2953, 0x84039376 0x6947, 0x8, 0x205, 0x60003283, 0x39960848 R5Q: 0x6541, 0x71549568, 0x41812577, 0x2721, 0x45349447, 0x507, 0x96555838, 0x224, 0x7483, 0x2, 0x7, 0x715, 0x65, 0x69218234 0x6, 0x15770665, 0x84, 0x30, 0x82403901, 0x287, 0x3606, 0x32, 0x93 0NJ 62R0 XFEP TED function SVH IYKW EE38 root0x5442, 0x6 0x1, 0x019, 0x9, 0x6450, 0x9, 0x154, 0x723, 0x142 KR1: 0x52, 0x13, 0x8, 0x83, 0x65 H7JL, NGR. ACZ9: 0x22, 0x682, 0x4


All random numbers on small white character to not make it visible.
The link where this "SunTrust Bank" points to gives the following registrant info :

Domain Name: GOLCOWD.BIZ
Domain ID: D19103697-BIZ
Sponsoring Registrar: REGISTER.COM
Registrant ID: 3343322C9CF42696
Registrant Name: Jeff Mills
Registrant Address1: 1255 Marlborough st. Apt. A
Registrant City: Philadelphia
Registrant State/Province: PA
Registrant Postal Code: 19125
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +1.2679976940
Registrant Email: jeffmills@whoever.com
Same contact info for Administrative and Technical contacts.
Domain Registration Date: Fri Jul 13 18:14:18 GMT 2007
Domain Expiration Date: Sat Jul 12 23:59:59 GMT 2008
Posted by @
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)