Barclays Banking Form Phishing Scam
Authentication-Results: mta123.mail.ukl.yahoo.com from=barclays.co.uk; domainkeys=neutral (no sig)
Received: from 188.8.131.52 (HELO 20119206249.user.veloxzone.com.br) (184.108.40.206)
by mta123.mail.ukl.yahoo.com with SMTP; Thu, 03 Jul 2008 23:18:19 +0000
Received: from chocofan.com (whatley.chocofan.com [220.127.116.11])
by damcash.com with SMTP id 4VQID90RVR
for <x>; Thu, 03 Jul 2008 16:18:06 -0800
From: "Barclays Bank PLC" <firstname.lastname@example.org>
Subject: Barclays Bank customer service: customer details confirmation! <message ref: 4<7-15>>
User-Agent: Calypso Version 3.20.01.01 (4)
X-Mailer: Calypso Version 3.20.01.01 (4)
X-Priority: 3 (Normal)
Dear Barclays Bank customer,
Barclays Bank would like to inform you that we are currently carrying out a scheduled upgrade of Barclays Security software.
In order to guarantee high level of security to our customers, we require you to complete “Barclays Banking Form”. Please notice, that we ask you to complete the Form regularly, until Barclays bank IT department finishes the upgrading process successfully.
Please complete the form using the link below:
Thank you for being a valued customer.
Barclays Customer Service
S9Q: 0x8, 0x576, 0x76, 0x18 AK9 hex exe. 0x43983815, 0x68, 0x39, 0x2 34146214984959565730728188 function: 0x98757788, 0x800, 0x78586086, 0x77, 0x5, 0x1342, 0x34, 0x5123, 0x27753289, 0x94, 0x82, 0x314, 0x1721 4EY: 0x9871, 0x89, 0x8187, 0x1332 QWSO: 0x715, 0x33, 0x650 0x5391, 0x79121124, 0x216, 0x463, 0x2, 0x23019200 F2YR: 0x35227534, 0x0, 0x73661308, 0x7764, 0x29766790, 0x09126953, 0x01768947, 0x8, 0x3885, 0x29687390, 0x13621564, 0x53, 0x0, 0x2399, 0x80828496 48UN: 0x082, 0x00, 0x5271, 0x64993971, 0x36, 0x69, 0x52770045
api: 0x69, 0x824, 0x81, 0x42689310, 0x38395735, 0x4563, 0x4937 ZG3: 0x00322062, 0x678, 0x2, 0x286, 0x73, 0x46135593, 0x1807, 0x172, 0x94015978, 0x45897363, 0x28, 0x56, 0x8, 0x415, 0x68684501 PV50: 0x8, 0x749, 0x86, 0x45, 0x5, 0x9239 OZC 9KY type include revision: 0x36667399, 0x5199, 0x9, 0x849, 0x5328, 0x50 076 8AB: 0x73161087, 0x7944, 0x100, 0x85, 0x883, 0x8, 0x693, 0x5, 0x2110 TIAQ, B3ZS 0x00, 0x57 rev: 0x7, 0x466, 0x000, 0x13307168, 0x171, 0x0895, 0x71, 0x2868 0x92916823, 0x4895, 0x042, 0x96, 0x2591, 0x984, 0x62, 0x10856336, 0x38, 0x875, 0x51, 0x3
VAF: 0x18559687, 0x640, 0x19, 0x9951 E9G: 0x39820372, 0x577, 0x4446, 0x48786740, 0x0, 0x679, 0x438, 0x78979765, 0x8, 0x47, 0x492, 0x24, 0x3, 0x17, 0x5 end: 0x76338784, 0x71, 0x079, 0x9, 0x47, 0x85, 0x1848, 0x65462878, 0x5, 0x37, 0x63192301, 0x7325, 0x83862408 0x08018360, 0x915, 0x3568, 0x36, 0x9, 0x8, 0x12028945, 0x08527970, 0x24081658, 0x36589455, 0x8, 0x6 ZVB 7IS D3B rev cvs. EMHW: 0x2, 0x43, 0x3, 0x9911, 0x16, 0x15, 0x393 0x84383584, 0x64786607, 0x24837607, 0x92468798, 0x7, 0x36763885, 0x02, 0x22, 0x1054 source: 0x4831, 0x15, 0x60706900, 0x6603, 0x42, 0x121, 0x33, 0x63, 0x575 create exe rcs F7R end root. interface: 0x6, 0x232, 0x7012, 0x6716, 0x0272, 0x12273178, 0x7, 0x2 667830084714225255
54679296948785636582974 KZM: 0x222, 0x7, 0x8110, 0x04144034, 0x31, 0x424, 0x8536, 0x66090185, 0x5, 0x2057, 0x580, 0x07, 0x5742, 0x104, 0x0 N88N: 0x0587, 0x982, 0x17091670, 0x65, 0x59401485, 0x39282659, 0x0, 0x76, 0x70900531, 0x4, 0x11, 0x50111032, 0x12188851, 0x930 0x38, 0x08600126, 0x026
The first sentence sounds like some kind of robot from a sci-fi movie. So you want us to refresh the form until we receive an e-mail from you guys that the upgrade process was successful? What kind of bank will request something as ridiculous as this? A bank run by a phisher off course.
The phishing link points to:
http://ibank.barclays.co.uk.[DELETED].be/olb/MemberForm.do?memberid= bla bla bla
ibank.barclays.co.uk in this specific case is a series of sub-domains of [DELETED].be and NOT the official Barclays website.
This e-mail certainly travelled all over the world before it reached its destination. It was magically sent from 18.104.22.168 in China, to 22.214.171.124 in Brazil, to the mailbox on Yahoo.com. This Brazilian phishing spammer certainly knows how to use his imagination.
Oh, and what is a phishing scam without some hash buster text?
Related Cyber Criminal Profiles:No related profiles found.
Similar Spam Examples:Banking Phishing Scam - Barclays New Notification - Update immediately
PayPal Phishing Scam - Resolution Center - Account Issues
Abbey National Security Software Upgrade Phishing Scam
Yorkshire Bank Confirm Your Online Records Phishing Scam
Bank of America Phishing Scam - Verification of Your Current Details