Paypal phishing w/o hosted HTML files

It is the first time I can see a phishing that doesn’t have a website to store the website !

This email came as a self sustained phishing solution.

It is written in HTML and JS and it has a FORM whos action is POST to a website which saves the data.

The submit button goes to http://www.webformdesigner.net/wfd_f2.php?id=QjfYrttfx8.

The website is not randomly chosen 😉

Web Form Designer is a legitimate company that produces such emails …

Have a look here:  http://www.webformdesigner.net/

The mail doesn’t have anything special in it. It asks for the usual stuff : CC number, PIN (never asked by a legitimate company or webshop) , etc.


© Copyright 2006 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

Related Posts

What to do if your site has been hacked by Phishers

APWG has published an advisory document called “What to do if your site has been hacked by Phishers”. This document gives website owners specific actions they can take when they have been notified that their website or webserver has been infiltrated and used for Phishing. Going forward, if you are a brand owner, takedown provider, […]

Sometimes it is good to know the Romanian language

Just stumbled upon this blog post from Symantec http://www.symantec.com/connect/blogs/spammers-introduce-new-email-internet-headers where an absolutely normal spam process is described. Unfortunately for the author who clearly doesn’t understand Romania, he copied/pasted all headers, even those which he doesn’t understand. So, he copied all kind of bad words, things which you usually wouldn’t publish in a serious blog. I […]

Animated IMG spam

This is a Stock Spam with frames 😉 Here are the frames: Frame 0 Frame 1 Frame 2 Frame 3 Frame 4 &copy Copyright 2006 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on CybersecurityCheck www.endpoint-cybersecurity.com for seeing the consulting services we offer.Visit www.itsecuritynews.info for latest security news in EnglishBesuchen Sie de.itsecuritynews.info für IT […]