Latest Maybank Phishing Web Site

http://www.doomfire.net/home/cache/doomed/backup/confirm/index.htm

Please do not login or comply, it is fake!!

It came with the following message.

Online Banking Services
Security Update Alert

We recently noticed quite a number of unsual log-in attempts into your MAYBANK Online Banking Account from an IP address different from your own we have on file,So we noticed that your account is having some insufficient security problems for it to have been accessed by a third party without your authorization.

If you recently accessed your account on a travel trip, the Sign on in attempts might have been made by you. However, if you are the rightful account holder, follow the link below and make sure you update your online banking informations,as we try to verify your identity and put an extra security on your online banking account.


The log-in attempt was made from:
IP address: 71.229.9.95
ISP host: c-71-229-9-95.hsd1.al.comcast.net

If you decide to ignore this request, we will temporarily lock your online account access and conduct further investigations.

We ask that you allow at least 72 hours for the case to be investigated.

The email header which I received the link.

From Maybank Internet Banking Wed Aug 1 04:23:21 2007
Return-Path:
Authentication-Results: mta306.mail.mud.yahoo.com from=maybank.com.my; domainkeys=neutral (no sig)
Received: from 83.222.23.242 (HELO be72.masterhost.ru) (83.222.23.242)
by mta306.mail.mud.yahoo.com with SMTP; Wed, 01 Aug 2007 04:30:05 -0700
Received: (qmail 9203 invoked by uid 2000); 1 Aug 2007 11:23:21 -0000
Date: 1 Aug 2007 11:23:21 -0000
Message-ID: <20070801112321.9202.qmail@be72.masterhost.ru>
To: brandonteohno1@yahoo.com
Subject: Important Notice!
From: Maybank Internet Banking
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Content-Length: 2623

Comments

Anonymous said…
What we can all do is go to the phishing site, and purposely fill in false information as to distract the phishers with the false information thinking it was real. That way, the more time they spent distracted, the lesser people they can phish :)
Brandon Teoh said…
that is right.

I have done that.. I gave them the f*** word as the password.

I think some inexperienced web users might have fallen to the trap already.Too bad.

I thought it was real at first sight. Since I have been logging in frequently.
Alone said…
uhu.. so frightening..
Nice way to share such important information - i am a big fan of your blog and will follow it.
For more details at move4less .