We’ve recently observed phishing emails targeting customers of the ASB bank, which is based in New Zealand. While these particular phishing emails are not very different from many of the other phishing emails we get every day, we did find some interesting things on the server hosting the phishing website and inside the email’s header, which hint that a group based in Nigeria could be behind these phishing attacks. Here is a sample message:
The link in the email goes to a phishing page that is hosted on a compromised web server in Hungary. It looks a lot like the legitimate banking login page for the asbbank.co.nz website.
An analysis of the ACH spam campaign
Massive Rise in Malicious Spam
‘Just applied for my own @facebook.com email account’ Phish Spreading
Can’t Believe A Girl Did This Because of Justin Bieber? You Shouldn’t
RapidShare.com – The Phishing Begins