Attack of the Zombie Orkut Phishing Pages

Beware: “Halifax Classic” Phishing Mail

Your banking website is dead, long live the banking website!

That’s the general gist from a sneaky phish mail doing the rounds, as scammers take the somewhat drastic step of claiming an entire bank’s website has been given an overhaul. The email, which claims to be from Halifax, claims a brand new version of their website will replace the “classic” version:

Hello user,

Things you won’t be having if you click links such as the above: a great day.

There was a mail in circulation a few months back – also a Halifax phish – focusing on a database update. What is it with scammers and Halifax product and service updates?

Anyway, the site was already being flagged by browsers for phishing when we tested a little earlier:

Detected forgery

For anybody using a browser with their anti-phishing turned off (or a browser which didn’t detect the above phish) there was even better news – the page has been taken down, so no chance of any further identity theft and / or card fraud taking place on this occasion.

Phish DOA

 

We can’t give a rundown of all the data the phishers were looking for due to the site being taken down speedily, but as per this Phishtank page they wanted usernames and passwords at a bare minimum. If you’ve been caught out by this particular mail you should contact your bank as soon as possible. The above phish may be offline, but the promise of somewhat extravagant website redesigns used as bait in other emails remains.

Christopher Boyd (Hat-tip to John).

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.