Latest Fraud Threat To Gtb And Springbank

A Member? Please Login  
type your username and password to login
Date: May 13, 2008, 11:47 PM
200308 members and 112628 Topics
Latest Member: chayoma123
Nairaland [Nigerian Forum] Home Help Search Who is currently online? Login Register
Nairaland Forum  |  General Discussion  |  Business (Moderator: FOD)  |  Latest Fraud Threat To Gtb And Springbank
Pages: (1) Go Down Send this topic Notify of replies
Author Topic: Latest Fraud Threat To Gtb And Springbank  (Read 629 views)
webdezzi (m)
Latest Fraud Threat To Gtb And Springbank
« on: November 12, 2007, 10:06 AM »

I woke up this morning to see 2 email requesting that i should update my online account with GTB and Springbank, 2 separate emails.

Funny because i don't have account with these bank, I did a little bit of poking and realised the links in the email directs unsuspecting users to a different URL

the link looks like this
http://www.Springbank.com/ibanking/signon?
http://www.gtbplc.com/ibanking/signon?LOB=CONS&screenid=Update_Acct

but the javascript behind the email will send you to this addresses respectively
http://www.springbenk.com/ibanking/
http://www.gtbple.com/ibanking/

VERY INTELLIGENT, REPLACING "a" WITH "e" AND "c" WITH "e"

i tried to feed in wrong login details as login and i was directed to the real website, its obvious that my entry has already been save to a database before redirection.

You know one bad thing here is that the email address was spoofed, so the email appears to be sent from GeNS@gtbplc.com

so if yahoo users have already added the email address to their address book, then yahoo users will see the address book icon next to the message as if it came from the right source

A little background check shows the 2 sites were hosted by the same hosting company
www.abimco.com because thats where the DNS server points to

http://www.networksolutions.com/whois/results.jsp?domain=springbenk.com
http://www.networksolutions.com/whois/results.jsp?domain=gtbple.com

      
DNS RESULT

Domain Name: springbenk.com
Registered at http://www.dynadot.com

Registrant:
GANESAN
Dhandapani
Bangkapi, Essex 454574
India

Administrative Contact:
GANESAN
Dhandapani
Bangkapi, Essex 454574
India
ganraj2006@gmail.com
+600 33020120058

Technical Contact:
GANESAN
Dhandapani
Bangkapi, Essex 454574
India
ganraj2006@gmail.com
+600 33020120058

Record expires on 2008/11/11 UTC
Record created on 2007/11/11 UTC

Domain servers in listed order:
ns1.abimco.com
ns2.abimco.com


SO BEWARE AS THERE MAY BE MORE SITES OUT THERE TARGETING OTHER BANK
uchetobi (f)
Re: Latest Fraud Threat To Gtb And Springbank
« #1 on: November 12, 2007, 10:12 AM »

Thanx a lot
nwabumma (f)
Re: Latest Fraud Threat To Gtb And Springbank
« #2 on: November 12, 2007, 10:23 AM »

Those thieves must not go unpunished.
freelance (m)
Re: Latest Fraud Threat To Gtb And Springbank
« #3 on: November 12, 2007, 10:25 AM »

Received the mails as well.

Thanks all the same Wink
webdezzi (m)
Re: Latest Fraud Threat To Gtb And Springbank
« #4 on: November 12, 2007, 10:35 AM »

So strange that 2 of every 3 received it, I have been trying to contact the hosting company but network is so bad
crazyT (m)
Re: Latest Fraud Threat To Gtb And Springbank
« #5 on: November 12, 2007, 11:39 PM »



I have got the GTB letters like 4 times now but the Springbank own just arrived today, the funnies part of the story is that I don't operate Springbank account. 

Thanks for the info, just keep them coming!
abimco (m)
Re: Latest Fraud Threat To Gtb And Springbank
« #6 on: January 26, 2008, 08:38 PM »

Hello webdezzi
Thanks for the information, but we wonder how you traced the nameservers to abimco, our whois search result did not give the same result;
http://network-tools.com/default.asp?prog=whois&host=gtbple.com
http://network-tools.com/default.asp?prog=whois&host=springbenk.com
Regards
Abimco
niyyie (m)
Re: Latest Fraud Threat To Gtb And Springbank
« #7 on: January 27, 2008, 05:52 PM »


This is a relatively common scam on the Internet known as Phishing. Just beware.
webdezzi (m)
Re: Latest Fraud Threat To Gtb And Springbank
« #8 on: May 09, 2008, 11:15 AM »

Hello Abimco,
Those who followed that link in november 2007 saw it point to that domain server

This is 2008 and they might have moved to another server. I tried to reach the phone number on abimco's site then but no body picked it.

anyway, Its always hard to beat those guys.
 First Bank Shares - Whats Going On?  Cadbury Account Overstatement Scandal: Bunmi Oni Why?  Setting Up A Reputable Boutique  Page 2
Pages: (1) Go Up Send Topic to Friend by E-mail Reply 
Google
 
Web www.nairaland.com
Sections: TV/Movies (2) Music/Radio (2) Celebrities Jobs (2) Career Romance Books Politics Sports Fashion Travel
Health Schooling Religion General(2) Business Webmaster Programming Computers Phones Cars & Trucks

Links: Page1 Page2 Page3 Page4 Page5 Page6 Page7 Page8 Page9 Page10

Nairaland is owned by Oluwaseun Osewa
Powered by: SMF, © 2001-2005, Lewis Media. All Rights Reserved.