SmartFeedSmartFeed          



WELCOME - YOU ARE CURRENTLY VIEWING 419EATER AS A GUEST

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

ScamWarners.com - Internet Anti-Fraud Center - now open!


 http://58.254.17.20 - "US Bank"

View next topic
View previous topic
 
Post new topicReply to topic
Author Message
Arctic Baiter
Master Baiter


Joined: 28 Feb 2009
Posts: 214
Location: Lost somewhere in Eastern Europe...


PostPosted: Mon Jul 20, 2009 8:03 pm Reply with quoteBack to top

Received mail linking to this site, claiming it is a bank known as "US Bank" (I'm not sure if it exists.)

Mail:
Quote:
We noticed one or more login attempts from a foreign IP address .

Log In now to resolve the problem.


The last line links to this address: http://58.254.17.20/manual/misc/usbank/USB/internetBanking/CmdId/

E-mail Header:
Quote:
Delivered-To: [email protected]
Received: by 10.86.68.9 with SMTP id q9cs188630fga;
Mon, 20 Jul 2009 03:08:15 -0700 (PDT)
Received: by 10.210.53.1 with SMTP id b1mr3401453eba.62.1248084494709;
Mon, 20 Jul 2009 03:08:14 -0700 (PDT)
Return-Path: <[email protected]>
Received: from geostroy-mos.ru ([195.135.239.227])
by mx.google.com with ESMTP id 12si9113470ewy.31.2009.07.20.03.08.11;
Mon, 20 Jul 2009 03:08:14 -0700 (PDT)
Received-SPF: neutral (google.com: 195.135.239.227 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=195.135.239.227;
Authentication-Results: mx.google.com; spf=neutral (google.com: 195.135.239.227 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
Message-Id: <[email protected]>
Received: from User ([195.22.0.137])
(authenticated user [email protected])
by geostroy-mos.ru (Kerio MailServer 6.7.0 patch 1);
Mon, 20 Jul 2009 14:07:29 +0400
From: "US Bank"<[email protected]>
Subject: US Bank alert
Date: Sun, 19 Jul 2009 13:08:07 +0300
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000


IP of e-mail sender resolves to:
Quote:
Moscow, Russian Federation
ISP = M9.com network
Organization: = M9.com network


Whois:

Quote:
inetnum: 58.254.17.16 - 58.254.17.23
netname: Cike-Telecom
country: CN
descr: Cike-Telecom ,HeYuan , Guangdong province
admin-c: CG272-AP
tech-c: CG272-AP
status: ASSIGNED NON-PORTABLE
changed: 20070803
mnt-by: MAINT-CNCGROUP-GD
source: APNIC

route: 58.252.0.0/14
descr: CNC Group CHINA169 Guangdong Province Network
country: CN
origin: AS17816
mnt-by: MAINT-CNCGROUP-RR
changed: 20070301
source: APNIC

role: CNCGROUP GD
nic-hdl: CG272-AP
e-mail:
address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China
phone: +86-20-22214226
fax-no: +86-20-22214228
admin-c: RP181-AP
tech-c: RP181-AP
country: CN
changed: 20090414
mnt-by: MAINT-CNCGROUP-GD
source: APNIC


That's all I can find for the moment. Maybe someone who knows how to do this should carry on with getting it closed.

_________________
Closed lad accounts
All of you are psychs!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - Olena
"fuk you, fuk your mama, fuk your papa and fuk me." - Some unknown "hacker of doom"
I just find out you are a peace of shite a joker and a betrayer! Affrican accestral shrins will chase until you die. The African Shrine is After You! TO HELL WITH YOU DOG - Miss Grace Eziash1

Completed Baits Worth Reading:
Olena
Western Union Nigeria
http://computersecrets.eu.pn/
View user's profileSend private message
BluthBanana
Baiting Guru


Joined: 16 Sep 2008
Posts: 2260
Location: Balboa Towers


PostPosted: Mon Jul 20, 2009 8:43 pm Reply with quoteBack to top

This looks like a phishing email and site to me. We don't deal with phishing here. The best place to report phishing is to the bank itself.

https://www.usbank.com/cgi_w/cfm/about/online_security/online_fraud.cfm

Quote:
Report Fraud
If you are a U.S. Bank customer and receive a suspicious email that references U. S. Bank, forward it immediately to [email protected].


Thanks for keeping an eye out! Very Happy

_________________
{Area 419: Scambaiting Radio}

Tattoo Mortar x11 Closed lad accounts x17 Safari x3

United States Thailand Switzerland Nigeria Sweden x115

pony Golden Goat Goat x2 Mc Fry

Art baits: X-Wing

419 Eater Theatre: The Hitchhiker

Lads & Crocodiles:
Safari x3 Vcamera x3 {John} {Willie} {Kingsley}

Safari x2 - . Vcamera .

"I will never forgive you for all the pains, trouble, frustrations, strandedness and disappointments you have caused us." - David
View user's profileSend private messageSend e-mailSkype Name
Arctic Baiter
Master Baiter


Joined: 28 Feb 2009
Posts: 214
Location: Lost somewhere in Eastern Europe...


PostPosted: Mon Jul 20, 2009 11:09 pm Reply with quoteBack to top

Thanks for your help BB, Could someone else maybe follow through on this one? I really have no experience doing this, neither am I a customer with the bank, so I would really appreciate it if someone else would take it.

Thanks.

_________________
Closed lad accounts
All of you are psychs!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - Olena
"fuk you, fuk your mama, fuk your papa and fuk me." - Some unknown "hacker of doom"
I just find out you are a peace of shite a joker and a betrayer! Affrican accestral shrins will chase until you die. The African Shrine is After You! TO HELL WITH YOU DOG - Miss Grace Eziash1

Completed Baits Worth Reading:
Olena
Western Union Nigeria
http://computersecrets.eu.pn/
View user's profileSend private message
Arctic Baiter
Master Baiter


Joined: 28 Feb 2009
Posts: 214
Location: Lost somewhere in Eastern Europe...


PostPosted: Tue Jul 21, 2009 6:11 pm Reply with quoteBack to top

Just to bump this one up a little. As I said, it would be really nice if someone a little more experienced could take over the reporting and killing of this site.

_________________
Closed lad accounts
All of you are psychs!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - Olena
"fuk you, fuk your mama, fuk your papa and fuk me." - Some unknown "hacker of doom"
I just find out you are a peace of shite a joker and a betrayer! Affrican accestral shrins will chase until you die. The African Shrine is After You! TO HELL WITH YOU DOG - Miss Grace Eziash1

Completed Baits Worth Reading:
Olena
Western Union Nigeria
http://computersecrets.eu.pn/
View user's profileSend private message
BluthBanana
Baiting Guru


Joined: 16 Sep 2008
Posts: 2260
Location: Balboa Towers


PostPosted: Tue Jul 21, 2009 10:49 pm Reply with quoteBack to top

Hey Arctic! Very Happy

We don't kill phishing sites here. The best thing you could do is send the email you received with the full headers to the bank's email address for fraud that I listed above. I wouldn't worry about whether you're a customer or not.

_________________
{Area 419: Scambaiting Radio}

Tattoo Mortar x11 Closed lad accounts x17 Safari x3

United States Thailand Switzerland Nigeria Sweden x115

pony Golden Goat Goat x2 Mc Fry

Art baits: X-Wing

419 Eater Theatre: The Hitchhiker

Lads & Crocodiles:
Safari x3 Vcamera x3 {John} {Willie} {Kingsley}

Safari x2 - . Vcamera .

"I will never forgive you for all the pains, trouble, frustrations, strandedness and disappointments you have caused us." - David
View user's profileSend private messageSend e-mailSkype Name
HarvestMoon
Elite Baiter


Joined: 02 Sep 2008
Posts: 1006
Location: a sorta fairy tale


PostPosted: Wed Jul 22, 2009 11:54 am Reply with quoteBack to top

Hi Artic, You can send a copy of the phishing email to: [email protected]

Quote:
US-CERT is collecting phishing email messages and web site locations so that we can help people avoid becoming victims of phishing scams.

You can report phishing to us by sending email to [email protected]

_________________
After the Gold Rush?
Closed lad accounts x11 United States x37 United Kingdom x25 Malaysia x7 Spain x4 China x3 Nigeria x3 Israel x3 France x2 Canada x2 Ghana Senegal Benin United Arab Emirates Ireland

"You must really think i am a fool.God punish you for taking me for a joke" Dead George
View user's profileSend private message
Arctic Baiter
Master Baiter


Joined: 28 Feb 2009
Posts: 214
Location: Lost somewhere in Eastern Europe...


PostPosted: Wed Jul 22, 2009 5:26 pm Reply with quoteBack to top

Alright HarvestMoon, will do.

_________________
Closed lad accounts
All of you are psychs!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - Olena
"fuk you, fuk your mama, fuk your papa and fuk me." - Some unknown "hacker of doom"
I just find out you are a peace of shite a joker and a betrayer! Affrican accestral shrins will chase until you die. The African Shrine is After You! TO HELL WITH YOU DOG - Miss Grace Eziash1

Completed Baits Worth Reading:
Olena
Western Union Nigeria
http://computersecrets.eu.pn/
View user's profileSend private message
Ima Baeder
Baiting Guru


Joined: 03 May 2007
Posts: 18314


PostPosted: Wed Jul 22, 2009 5:57 pm Reply with quoteBack to top

Moved to Misc. Scams.

_________________
348 Fake Sites killed United StatesUnited KingdomUnited NationsMaltaNigeriaGhanaBeninGermanySouth AfricaRussiaTogoMalaysiaEuropean UnionJapanIvory CoastSpainFranceSwitzerlandChinaCanadaItalyThailand

Star Mugu Reseller Mortar Closed lad accounts x 100 Sand Timer 2 Years Pretty Rose Mc Fry Mc Fry Nurse Nastys Audi TT Goat Flying Monkey Easter Egg 2011
View user's profileSend private message
Display posts from previous:      
Post new topicReply to topic


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



E-Mail Header Analysis


All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT