Wednesday, December 2, 2015

Online Account Notification (Paypal Phishing)

Dear User

By limiting the access to your account, our security team have blocked unusual charges to a credit-card linked to your account.

By providing some information in regards to your account, our Account Review Team will try to resolve the issue as soon as possible.

PayPal may limit your account as a security measure to protect you and your account. Access limitation is taken as a pre-caution.

PayPal have provided a form (see attachment) to verify your account. You may download and fill in the form.

Our security team will immediately review the information you have provided, and your account should be restored back to normal.

We would like to thank you for your attention to this matter.

Sincerely,
PayPal

form.html

File analysis :

OPEN : form.html
DETECT : Sophos (Mal/Phish-A)

File opening :

The file was encoded so the file was decoded... :

http://ddecode.com/hexdecoder/?results=66079ae734cbda3f7abffa23e3341be4

var _0x13632f = "7ef141717f6e9bc4ea6a159fc074bf7e.php";
var _0x17dd=["http://www.my-ads-network.net/"];


my-ads-network.net whois :

Tech Email: 8F0090A44FFA46A2B0CAA72F917439C7.PROTECT@WHOISGUARD.COM
Name Server: BLOCKEDDUETOPHISHING.PLEASECONTACTSUPPORT.COM
Name Server: DUMMYSECONDARY.PLEASECONTACTSUPPORT.COM

Email analysis :

NOTE : members@systems.com
NOTE : X-Terrace-Classid : Terrace Spam system

No comments:

Post a Comment