23 July 2006

phishing santa barbara bank & trust

we received this phishing email yesterday and it concerns us a lot because the true url is different from what we are used to seeing. hmm how can we explain this. you see in the email the link the criminals are portraying to be the url to santa barbara bank and trust company? the long blue url: http://www.sbbt.com/wealth_management/trust_online_signup.jsp

when you hover your mouse over this url and look down in your status bar you will see the true url: http://3584400795:81/~wba/login.aspx now this url is very disturbing to us because its just a long number and when we enter that url into our trace-route program in order to find out who hosts that website it comes up blank. in other words (at least to us) its untraceable.

one clue as to who is behind this phishing email - you see at the top of the email it says "Account Security Measures ! - Cyrillic (Windows)" cyrillic is russian so perhaps the russian mafiya is behind this phish attack.

click pictures to enlarge
status bar close up:
so anyway, the point is to always, always, always before you click on a link make it a habit to look down in the status bar and make sure that you trust the url. even if you are on a website that you trust you never know, hackers might have hacked into that site and changed around the hyperlinks. even with all the criminal element trolling around online the internet is still relatively safe as long as you stay alert and pay attention to detail.
for more information click the link to go to antiphishing.org the Anti-Phishing Working Group