142). ANZ - HTML.Phishing.Bank-529

This email targets customers of ANZ.

Message Details

Malware Name:HTML.Phishing.Bank-529
Origin: Germany
Date first seen:16/07/2006 09:50:15
Number seen:2
Date last seen:07/10/2006 10:10:23
From:ANZ bank <security@anz.com>
Subject:Account suspension

Attacker's URLs

The following table shows the details of the URLs used by the attacker. These could either be the fake website of the attack, or a site which redirects to the attackers fake site. Sometimes the attacker will use an additional site for hosting resources such as images.

The table shows the current status of the site: if it is still reachable (), or if it has been shut down (). If the site has not been confirmed as a phishing site it is shown with the symbol . The time when the site was first observed is shown, together with the time that the site was shut down, if applicable. Do not visit the attackers site as it may contain malware. You can get more details on the site by clicking on the symbol.

StatusFirst observedShut DownInternet AddressURL
16/07/2006 12:15:08 17/07/2006 04:38:04 Malaysia 202.71.108.25 http://www.flowers.com.my/affiliatebk/info/ANZ/Bankmain.htm   

Message Text

The text below shows the message content, rendered in a safe way. It does not show images or HTML formatting, but the text is the same as that contained in the phishing email. Each clickable link is shown as a reference. You can see the way the URL is presented in the main body of the text, while the actual URL activated by the link is shown below the main body.

Message Display
Enlarge
How the message body looks in an email client.

   ACCOUNT SUSPENSION

   In an effort to protect your ANZ bank account security, we have suspended
   your account
   until such time that it can be safely restored by you.

   We have taken this action because your ANZ bank online account may have been
   compromised,
   Sometimes this happens when members respond to tropans,worms and other
   effected virus files.
   Although we cannot disclose our investigative procedures that led to this
   conclusion,
   Please note that we took this action in order to maintain the safety of your
   account.

   To complete our activation process for your account restoring access,please
   click here:
   [1]https://www.anz.com/inetbank/bankmain.asp

   Regards.

   Security Department.

   © Australia and New Zealand Banking Group Limited

References

   1. http://www.flowers.com.my/affiliatebk/info/ANZ/Bankmain.htm

Additional Examples

Functions

Advice