phishing
Technomage
technomage-hawke at cox.net
Thu Jan 11 12:14:54 MST 2007
On Thursday 11 January 2007 08:08, keith smith wrote:
> Good Morning to all you guru's out there in PLUG land!
>
> I received an email this morning:
>
> From : Bank of America
> Subject : Account Authentication Required
>
> Saying I needed to verify my account. It contained a link that took me to
>
> http://203.199.124.235/bankofamerica.com/
>
> Obviously this is fraudulent. My first clue was I do not have a BofA
> account :)
>
> So this form asks for account numbers, social security number, date of
> birth, mothers maiden name .... ETC.
>
> This is the second time I have received this type of email. Both times I
> have reported it to BofA.
>
> So now I'm curious. I would like to do a little detective work here. I
> went to DNSStuff.com and did a reverse lookup and the IP shows it is in
> India City....
>
> I know there must be a Linux command that I can run to learn more about
> this IP. I'm wondering just how much information I might be able to learn
> from just having this limited amount of information and how I would go
> about it.
>
> Any Ideas?
>
> Thanks,
> Keith
>
>
>
>
> Keith Smith
here's what I got using whois....
***********
proudhawk at leopard:~> whois 203.199.124.235
% [whois.apnic.net node-2]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 203.199.0.0 - 203.199.255.255
netname: VSNL-IN
descr: Videsh Sanchar Nigam Ltd - India.
descr: Videsh Sanchar Bhawan, M.G. Road
descr: Fort, Bombay 400001
country: IN
admin-c: IA15-AP
tech-c: VT43-AP
remarks: -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be modified by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster at apnic.net with your organisation
remarks: account name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-by: APNIC-HM
mnt-lower: MAINT-VSNL-AP
mnt-routes: MAINT-VSNL-AP
changed: hm-changed at apnic.net 20040318
status: ALLOCATED PORTABLE
changed: hm-changed at apnic.net 20040319
source: APNIC
person: IP Administrator
nic-hdl: IA15-AP
e-mail: ip.admin at vsnl.co.in
address: 6th Floor, LVSB, VSNL
address: Kashinath Dhuru marg, Prabhadevi
address: Dadar(W), Mumbai 400028
address: India
phone: +91-22-56633503
fax-no: +91-22-24320132
country: IN
changed: gpsingh at giasbm01.vsnl.net.in 20040312
mnt-by: MAINT-VSNL-AP
source: APNIC
person: VSNL Tech
nic-hdl: VT43-AP
e-mail: ip.tech at vsnl.co.in
address: 6th Floor, LVSB, VSNL
address: Kashinath Dhuru marg, Prabhadevi
address: Dadar(W), Mumbai 400028
address: India
phone: +91-22-56633503
fax-no: +91-22-24320132
country: IN
changed: kapilkumar.jain at vsnl.co.in 20040312
mnt-by: MAINT-VSNL-AP
source: APNIC
More information about the PLUG-discuss
mailing list