Thursday, September 25, 2014

Facebook phishing

Dear Facebook User, We recently noticed that your Facebook account is being accessed by a third-party. We think that this is unauthorized access – an attempt to hack your account. So, we need you to confirm the ownership of your Facebook account. Please login to your Facebook account from the link below

Facebook account

Phishing analysis :
===================================
NOTE : Click "Facebook account"
NOTE : Open http://www.facebookke.com
===================================

facebookke.com whois :
===================================
Domain Name: FACEBOOKKE.COM
Registry Domain ID: NA
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2014-09-24 05:13:51Z
Creation Date: 2014-09-24 12:13:00Z
Registrar Registration Expiration Date: 2015-09-24 12:13:00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Registrar Abuse Contact Email: abuse@enom.com
Registrar Abuse Contact Phone: +1.4252744500
Domain Status: clientTransferProhibited
Registry Registrant ID:
Registrant Name: KEN SIVERTS
Registrant Organization: VICTORIA LOP
Registrant Street: 365 W VICTORIA ST
Registrant City: MIAMI
Registrant State/Province: FL
Registrant Postal Code: 33142
Registrant Country: US
Registrant Phone: +1.6024327883
Registrant Email: TGNST@DAINTLY.COM
Registry Admin ID:
Admin Name: KEN SIVERTS
Admin Organization: VICTORIA LOP
Admin Street: 365 W VICTORIA ST
Admin City: MIAMI
Admin State/Province: FL
Admin Postal Code: 33142
Admin Country: US
Admin Phone: +1.6024327883
Admin Email: TGNST@DAINTLY.COM
Tech Name: KEN SIVERTS
Tech Organization: VICTORIA LOP
Tech Street: 365 W VICTORIA ST
Tech City: MIAMI
Tech State/Province: FL
Tech Postal Code: 33142
Tech Country: US
Tech Phone: +1.6024327883
Tech Email: TGNST@DAINTLY.COM
Name Server: NS1.GRIDFAST.NET
Name Server: NS2.GRIDFAST.NET
DNSSEC: unSigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
Last update of WHOIS database: 2014-09-24 05:13:51Z
===================================

Mail analysis :
===================================
NOTE : Return-Path : < change@facebook.com >
NOTE : Received : from unknown (HELO sona.server-queen.jp) (209.54.62.165)
NOTE : X-Php-Originating-Script : 10000:crons.php(7) : eval()'d code
NOTE : Facebook Password Reset Confirmation! Important Message
===================================
Labels : , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
Copyright © Scam.cz | Created by Rbcafe