Just got my very first phishing email, not only that, the data capture address is Changwon Technical High School, Korea !
Enterprising little sods !
"From: Acc Offce To: Subject: Alliance-Leicester Bank Security Service Alert. Date: Mon, 18 Jul 2005 16:47:06 -0500 MIME-Version: 1.0 Received: from chocofan.com ([221.164.106.28]) by pamc1-f12.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 19 Jul 2005 00:46:52 -0700 Received: from alliiance-leicester.co.uk (alliiance-leicester.co.uk [212.227.34.3])by chocofan.com (Postfix) with ESMTP id 3830C9B3EB; Mon, 18 Jul 2005 16:47:06 -0500 X-Message-Info: 6sSXyD95QpW5k5boI5n3qpqXv+WE3TSV3fpWZ9fLPhAX-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000 X-Kaspersky-Antivirus: passed Return-Path: sales snipped-for-privacy@alliiance-leicester.co.uk X-OriginalArrivalTime: 19 Jul 2005 07:46:53.0001 (UTC) FILETIME=[07637B90:01C58C36]
Dear Alliance-Leicester Bank user, We are glad to inform you, that our bank has a new security system. The new updated technology will ensure the security of your payments trough our bank.
Hoping you understand that we are doing this for your own safety we suggest you to access the following link to verify your online account.
We kindly ask you to update your personal information here
Alliance-Leicester Management Team"
Hotmail doesn't show the underlying source code but the linked address is "javascript:ol('
traceroute to USER.ALLLIANCE-LEICESTER.COM (210.104.251.7), 30 hops max, 40 byte packets 1 * * * 2 * * * 3 * * * 4 phv-edge-01.inet.qwest.net (65.121.93.133) 22.459 ms 5 tmp-core-01.inet.qwest.net (205.171.129.85) 21.483 ms 6 svl-core-01.inet.qwest.net (205.171.8.242) 31.248 ms 7 pax-brdr-02.inet.qwest.net (205.171.214.38) 32.225 ms 8 205.171.4.238 (205.171.4.238) 33.201 ms 9 203.255.234.54 (203.255.234.54) 34.178 ms
10 203.255.234.109 (203.255.234.109) 162.099 ms 11 210.120.248.71 (210.120.248.71) 164.052 ms 12 knmcba19-s5-3-17-c.rt.bora.net (211.180.11.30) 165.029 ms 13 202.30.94.7 (202.30.94.7) 179.676 ms 14 210.204.254.253 (210.204.254.253) 164.052 ms 15 210.104.3.86 (210.104.3.86) 171.864 ms 16 211.253.255.90 (211.253.255.90) 171.864 msquery: 210.104.251.7
# ENGLISH
KRNIC is not a ISP but a National Internet Registry similar to APNIC. The followings are information of the organization that is using the IPv4 address.
IPv4 Address : 210.104.251.0-210.104.251.127 Network Name : PUBNET-METRO2001005734 Connect ISP Name : PUBNET Connect Date : 20010101 Registration Date : 20050330
[ Organization Information ] Organization ID : ORG102858 Org Name : CHANGWON TECHNICAL HIGH SCHOOL State : KYONGNAM Address : 28-1BEONJI SAHWADONG CHANGWONSI Zip Code : 641-440 [ Admin Contact Information] Name : IP MANAGER Org Name : CHANGWON TECHNICAL HIGH SCHOOL State : KYONGNAM Address : 28-1BEONJI SAHWADONG CHANGWONSI Zip Code : 641-440 Phone : +82-55-288-9673 E-Mail : snipped-for-privacy@changwon-th.ed.kyongnam.kr [ Technical Contact Information ] Name : IP MANAGER Org Name : CHANGWON TECHNICAL HIGH SCHOOL State : KYONGNAM Address : 28-1BEONJI SAHWADONG CHANGWONSI Zip Code : 641-440 Phone : +82-55-288-9673 E-Mail : snipped-for-privacy@changwon-th.ed.kyongnam.kr