Alerts
Banamex / BancaNet
Date:02.09.2005
Threat Type: Phishing Alert
Websense® Security Labs™ has received several reports of a new phishing attack that targets customers of Banamex / BancaNet. The attack, posing as an email from the "Department of Validation" at Banamex, attempts to dupe users into visiting a fradulent website. The email is written in Spanish and appears below, together with a rough translation.
Once users access the fraudulent website, they are requested to enter their user name and password. After the information is submitted, the site then posts the information (login.php) to another fraudulent website hosted in Bulgaria.
The first website is hosted in the USA and was up and running at the time of this alert. The Bulgarian website, to which the data is posted, was up at the time of this alert.
Phishing Email Body:
Estimado cliente de Banamex
Durante nuestro programado mantenimiento regular y procesos de verificación, hemos detectado un error en la información que tenemos registrada de su cuenta.
Esto se debe a algunos de estos factores:
1. Un cambio reciente en su información personal
2. Que se haya proporcionado información invalida durante su proceso inicial de registro con bancanet o que usted aun no haya realizado dicho registro.
3. La inhabilidad de verificar con exactitud la opción de su elección concerniente a su forma preferente de pago y manejo de cuenta debido a un error técnico interno dentro de nuestros servidores al momento del
registro.
Favor de actualizar y verificar la información de su cuenta haciendo clic en la siguiente liga. Será redirigido a la pagina principal de nuestro sitio en Internet donde podrá actualizar su información personal.
<URL Removed>
Si la información en su cuenta no se actualiza en las siguientes 48 horas algunos servicios en el uso y acceso de su cuenta serán restringidos hasta que esta infamación sea verificada y actualizada. De antemano agradezco su pronta atención este asunto
Departamento de Validación"D.R. © Copyright 2005, Derechos Reservados.
Banco Nacional de México, S.A., integrante de Grupo Financiero Banamex.
Isabel la Católica 44. Col. Centro Histórico. Del. Cuauhtémoc. C.P.
06000, México, Distrito Federal, México
Phishing Email (rough English translation):
Dear client of Banamex;
During our programmed regular maintenance and processes of cross-check, we have detected an error in the information that we have registered of his account. This owes to some of these factors:
1. To recent change in his personal information.
2. That there are provided to himself information it invalidates during his process initial of record with bancanet or that you even have not realized saying to register.
3. The inability of verifying with information of its account doing click in the following league will be redirigido to the main pagina of ours site in Internet where it will be able to update its personal information.
< URL Removed>
If the information in its account does not update in following the 48 hours some services in the use and access of their account will be restricted until that this infamation is verified and updated. Beforehand I appreciate its quick east attention subject.
Departamento de Validation
Phishing Website Screenshot:
