Hmm. I received an email from Charter One Bank asking me to confirm my customer details. Funny thing is... I don't use that bank... Attached is a picture of the email.
Source shows it had been send through some cable ISP in Canada.
The "link" inside is uses a <map> to actually send you to http://custconf.com:880
custconf.com resolves to an IP address in Korea....Code:<html><p><font face="Arial"> <A HREF="https://www.charteronebank.com/general/custdetailsconfirmation.asp"> <map name="HM0EG3wPJ"> <area coords="0, 0, 651, 332" shape="rect" href="http://custconf.com:880"></map> <img SRC="cid: part1.00020603.06000909@support_ref_...teronebank.com" border="0" usemap="#HM0EG3wPJ"> </A></a> </font></p><p><font color="#FFFFF8">I'd like Cheer up! Dale Earnhardt O-Town it's for you. </font></p></html>
I smell a Phish!
Reply With Quote