Tuesday, April 11, 2017

Alertes (Phishing Société Générale)

Cher(e) Client(e)

AfinJdeJprévenirJl'utilisationJfrauduleuseJdesJcartesJbancairesJsurJinternet,
SociétéJGénéraleJestJdotéeJd'unJdispositifJdeJcontroleJdesJprélèvements.CeJservicejj
estJentierementJgratuitJNotreJsystemeJaJdetecteJqueJvousJn'avezJpasJactivéJPasse sécurité.
PourJactivéJleJPasseJsécurité, VeuillerJcliquez sur leJlienJci-dessous :

Cliquez ici

NousJvousJremercionsJdeJvotreJconfiance.

Cordialement,
DirecteurJdeJlaJrelationJclients.

Phishing screenshot :

Phishing Screenshot

Email analysis :

NOTE : jan.v.d.kamp@versatel.nl
NOTE : Cmm-Sending-Ip : 82.215.18.99

82.215.18.99

NOTE : Received : by webmail01.zonnet.isp-net.nl (Postfix, from userid 33)

Phishing analysis :

CLICK : Cliquez ici
OPEN : http://www.asociacioncar.com/adm
REDIRECT : http://tabonm79.beget.tech/googl/sg2017/*/

Phishing Société Générale

NOTE : ENTER FAKE PASSWORD AND USER
REDIRECT : http://tabonm79.beget.tech/googl/sg2017/*/dcr-web/

Phishing Société Générale

Affected services :

NOTE : Fietsenwinkel.nl (Relaying the phishing email.)
NOTE : asociacioncar.com (Hosting the redirect to the phishing.)
NOTE : tabonm79.beget.tech (Hosting the phishing.)
NOTE : beget.tech (Hosting the phishing page.)
NOTE : Société Générale (Victim)

Your USD$15.5million cashier check.

Attention please

We have received the check from the bank last week and kept the check with Dr. Jerry Udo as we discussed, Please email him immediately inorder to send you the cheque. I am in Colombia now.

I kept USD$15.5million cashier check & will send you the rest of money after my business trip here. I sent you so many emails last week but all bounced back. So contact Dr. Udo with his below email address for him to send the check to you: ( jerryudo@mail2Winner.com ) or call him at +229 99485442

Thanks and do let me know when you have received it. 'Copy & paste' (jerryudo@mail2Winner.com)

Regards
Majvor Forsberg
United Nations Rep, U

Email analysis :

NOTE : jerryudo@mail2Winner.com
NOTE : info@gmail.com
NOTE : Received : from [41.138.91.233] (helo=User)
NOTE : by x068vm10.dattaweb.com

x068vm10.dattaweb.com