Monday, April 24, 2017

Banco Santander (Brasil) S.A. | Evite Bloqueio de sua conta (*) (Phishing Attempt)

Banco Santander S.A.

Prezado(a) Cliente,

Comunicamos que seus dados cadastrais encontram-se desatualizados em nosso sistema.Para que você possa desfrutar dos benefícios com comodidade e segurança, pedimos que você efetue a Atualização Cadastral de Segurança imposta pelo nosso sistema.

Este procedimento deve ser efetuado, evitando o bloqueio aos canais Santander tais como Telefone, Internet Banking e Caixas Eletrônicos.

Para evitar a suspensão automática desses serviços, habilite suas atualizações clicando no botão abaixo.
Este recurso só é ativado se você aceitar, e é atualizado a partir de servidores certificados..

Deseja confirmar suas definições de segurança?

Confirmar

Banco Santander (Brasil) S.A. CNPJ: 90.400.888/0001-42 Avenida Presidente Juscelino Kubitschek, 2041 e 2235 - Bloco A, Vila Olímpia, São Paulo/SP - CEP 04543-011

Screenshot of the phishing :

Santande

Email analysis :

NOTE : Received : by ip-160-153-226-153.ip.secureserver.net
NOTE : (Postfix, from userid 33)
NOTE : 160.153.226.184

160.153.226.184

NOTE : X-Mailer : Microsoft Office Outlook, Build 17.551210
NOTE : X-Mailer : iGMail [www.ig.com.br]

Phishing analysis :

CLICK : Confirmar
OPEN : http://ip-160-153-229-233.ip.secureserver.net/cadastro/*
RESULT : Phishing is unresponsive...

Sunday, March 13, 2016

New Notification Message From Santander (Santander Phishing)

Security Notice

Your passcode has been entered incorrectly multiple times. Please ensure that you are entering your passcode correctly. If you are a Business Banking customer, remember to use our dedicated Business Banking log on page accessible from the Santander homepage. For your security we have restriced your access to our online banking system in order to safeuard your account. We require you to complete our account verification process in order to restore access. This process should only take you a few minutes to complete and will also ensure we hold the most up to date records for you.

Click here to get started ⇒

Please Note:Failure to comply with our account verification process may lead to permenant suspension of access to our online banking service.
Online Banking Guarantee Site Help & Accessibility Security & Privacy Terms & Conditions Legal

Phishing analysis :

CLICK : Click here to get started ⇒
OPEN : http://design360degree.in/tools/santander
REDIRECT : http://design360degree.in/tools/santander/Login.php?sslchannel=true&form=AccountVerification&sessionid=***

SCREENSHOT :


CLICK : Log on >
REDIRECT : http://design360degree.in/tools/santander/LoginP2.php?&sessionid=***&securessl=true

SCREENSHOT :


CLICK : Submit

REDIRECT : http://design360degree.in/tools/santander/Verify.php?&sessionid=*&securessl=true

SCREENSHOT :


SCREENSHOT :


CLICK : Continue

REDIRECT : http://design360degree.in/tools/santander/Finish.php?&sessionid=*&securessl=true

SCREENSHOT :


REDIRECT : http://www.santander.co.uk/uk/index

Email analysis :

NOTE : jd@firstmancorp.com
NOTE : Return-Path : < jd@firstmancorp.com >
NOTE : Mime-Version : 1.0
NOTE : domain of jd@firstmancorp.com designates 108.179.196.215 as permitted sender)
NOTE : smtp.mailfrom=jd@firstmancorp.com; dkim=pass header.i=@firstmancorp.com
NOTE : X-Authenticated-Sender : smaug.hostromeo.com: jd@firstmancorp.com
NOTE : X-Get-Message-Sender-Via : smaug.hostromeo.com:
NOTE : authenticated_id: jd@firstmancorp.com
NOTE : client-ip=108.179.196.215;


NOTE : Received : from [154.118.65.251] (port=52340 helo=[192.168.8.101])


NOTE : by smaug.hostromeo.com with esmtpa (Exim 4.86_1)
NOTE : New Notification Message From Santander