MalwareIntelligence es un sitio dedicado a la investigación sobre todas las cuestiones relacionadas con criminología informática, seguridad de la información en general y seguridad antimalware en particular, siempre desde una perspectiva estrechamente relacionado con el campo de inteligencia.

3.4.10

Phishing Database V

Instituciones financieras y bancarias
HSBC (http://www.hsbc.com)
http://www.ellerencontre.com//forum/add/verify/HSBCINTEGRATIONCAM10jsessionid=00001DwpIt0wIyX1arHd6K8mQB6URL=hsbc.MyHSBCpib/hsbc/1.php?jsessionid=CAM10:jsessionid=0000RcSVT4vYF7HNB8AsppR8HRo:11j71fovq?IDV_URL=hsbc.MyHSBC_pib
http://www.mygrowshop.com/GiantSolutions/includes/hsbc.co.uk/HSBCINTEGRATIONCAM10;js/Register%20forInternetBanking/IBlogin.html
http://www.wings-of-germany.de/language/IBlogin.html
http://www.sugardaddy-match.com/wages/IBlogin.html
http://stalamsink.carpfun.nl/upgrade/IBlogin.html
http://www.taosmotors.net/wages/IBlogin.html
http://werlondik.com/brhsbc.co.uk/1/index.php
http://werlondik.com/security.hsbc.co.uk/1/index.php
http://holetyx.com/hssbc.co.uk/1/index.php
http://ballmeon.com/hhsbc.co.uk/1/index.php
http://derbysik.com/brhsbc.co.uk/1/index.php
http://www.janefrancesphotography.net/images/large/families/IBlogin.html
http://www.academy-uk.net/academy/teacher/images/IBlogin.html
http://lamourencouleurs.fr/emailimages/eefs/verify/HSBCINTEGRATIONCAM10jsessionid=00001DwpIt0wIyX1arHd6K8mQB6URL=hsbc.MyHSBCpib/hsbc/1.php?jsessionid=CAM10:jsessionid=0000RcSVT4vYF7HNB8AsppR8HRo:11j71fovq?IDV_URL=hsbc.MyHSBC_pib
http://hsbc-online.etvx.info/1/2/HSBCINTEGRATION/CAM10;jsessionid=0000tva9NQkofu4NIM7pUel5Tvn11j5bfvduIDV_URL=hsbc.MyHSBC_pib/index.html
http://palizada.org/images/hsbc/1.php?jsessionid=CAM10:jsessionid=0000RcSVT4vYF7HNB8AsppR8HRo:11j71fovq?IDV_URL=hsbc.MyHSBC_pib
http://www.mytime-jewelry.com//administrator/components/com_virtuemart/IBlogin.html
http://www.beavertonletip.com/IBlogin.html
http://www.diningonthego.com/wages/IBlogin.html
http://www.webseomarketing.com/wages/IBlogin.html
http://werlondik.com/brhsbc.co.uk/1/index.php
http://werlondik.com/security.hsbc.co.uk/1/index.php
http://holetyx.com/security.hsbc.co.uk/1/index.php
http://teachers-corner.co.uk/wp-includes/images/smilies/_notes/IBlogin.html
http://ynzal.com/catalog/images/gds/hsbc=HSBCINTEGRATION;jsessionid=0000BZUYYF_dAUw4Iqqlvb4F3RR/index.php
http://www.artbyonlineoriginals.com/images/mail/IBlogin.htm
http://online-credit-repair-info.com/images/IBlogin.html
http://hsbc-online.at-le-bar.com/1/2/HSBCINTEGRATION/CAM10;jsessionid=0000tva9NQkofu4NIM7pUel5Tvn11j5bfvduIDV_URL=hsbc.MyHSBC_pib/index.html
http://www.londontaxis.info/wages/IBlogin.html
http://iomtt.com.ar/hsbc-online//1/2/HSBCINTEGRATION/CAM10;jsessionid=0000tva9NQkofu4NIM7pUel5Tvn11j5bfvduIDV_URL=hsbc.MyHSBC_pib/index.html
http://hsbc.gaadi.eu/1/2/HSBCINTEGRATION/CAM10;jsessionid=0000tva9NQkofu4NIM7pUel5Tvn11j5bfvduIDV_URL=hsbc.MyHSBC_pib/index.html
http://hsbc.mobilenew.co.uk/1/2/HSBCINTEGRATION/CAM10;jsessionid=0000tva9NQkofu4NIM7pUel5Tvn11j5bfvduIDV_URL=hsbc.MyHSBC_pib/index.html
http://hsbc-online.fitnessage.com.sg/1/2/HSBCINTEGRATION/CAM10;jsessionid=0000tva9NQkofu4NIM7pUel5Tvn11j5bfvduIDV_URL=hsbc.MyHSBC_pib/index.html
http://hsbc-online.urtava.com/1/2/HSBCINTEGRATION/CAM10;jsessionid=0000tva9NQkofu4NIM7pUel5Tvn11j5bfvduIDV_URL=hsbc.MyHSBC_pib/index.html
http://johnbarresi.com.au//proeye/proeye2/hsbcbankuk/index.html
http://aspiration.centrale.free.fr/custom/include/index.html
http://lloydsite.org/ib/CAM10-jsessionid=000026MQ7KnXUxsKmiYKszFUkGJ12c58ti63.htm
http://www.oranaarts.com/files/hsbc.onlinebanki/index.htm
http://www.sueoverton.com//mambots/editors/tinymce/jscripts/tiny_mce/editorial.html
http://leverx.ru/hsbcbankuk/index.html
http://gcitizen.org/wp-includes/images/crystal/IBlogin.html
http://jeanjacquesestager.free.fr/_private/IBlogin.php
http://brabantbusinessclub.be/uploads/images/employees/IBlogin.html

ICICI Bank (www.icicibank.com)
http://mrquibble.com/sqladmin/themes/original/img/onlineverification.do/indexx.html

Banco Do Brasil (www.bb.com.br)
http://www.portalbancodobrasilnet.com/portalbb/aapf/login/index.bb

Bradesco (www.bradesco.com.br)
http://www.badminton.hr/logs/bradescorecadastramento.com.br/?http://www.bradesco.com.br
http://www.sodagri.net/Bradesco.com.br/scripts/ib2k1.dll/LOGIN.php
http://www.neetbankingg.com/desco/log/site/
http://simbrasegu.dominiotemporario.com/Bradesco/LOGIN.php

NAB - National Australia Bank (www.nab.com.au)
http://www.jbngems.com/editors/nab/

BBVA
(www.bbva.com)
http://74.54.17.82/~lalampar/provincial.com/tlvz/index.html
http://81.4.128.110:8011/www.bbva.es/TLBS/tlbs/esp/segmento/particulares/index.htm
http://www.servicio-bbva.es.frostmaster.com/TBLS/segmento/particulares/index.htm

Bank of America (http://www.bankofamerica.com)
http://www.flagontheplay.co.uk/classifieds/yellow_images/update.bankofamerica.com/update.bankofamerica.com/securedspot/verify/cmThkRqcUe5qBbIUMLTMUxjVXHuoiRBMC8Qg1BHav4pYFzembFoENcG1gf3H4PaiYU4h/securedpage/
platinum.tritoncore.com/~grafix90/bnkofamericasitykeybknofamerica/signon.php?section=signinpage&update=&cookiecheck=yes&destination=nba/signin
http://www.atcn.com.ng/boa/ibc1/www.boa.com/boa.online/onlinebankingofamerica.com/index.htm
http://www.jeondae.es.kr/images/IRS/Bofa/index.htm

Wells Fargo (www.wellsfargo.com)
http://www.jeondae.es.kr/images/IRS/Wellsfargo/index.html

ING Direct (www.ingdirect.com)
http://www.jeondae.es.kr/images/IRS/INGDirect/index.html

KeyBank (https://www.key.com)
http://www.jeondae.es.kr/images/IRS/Key/index.html

MasterCard (www.mastercard.com)
http://www.mitraogan.co.id/mo24/email/secure.mastercard384912/index.php

NedBank (www.nedbank.co.za)
http://www.abcidealpartners.com/SARS/SARS/SARS/Nedbank/index.html
http://www.design-daisy.com/images/NedBank/NedBank/Internet-Banking.html

FNB - Fist National Bank (www.fnb.co.za)
El mismo sitio contiene otro paquete de phishing pero orientado a otra entidad bancaria de Sudáfrica: FNB.

http://www.abcidealpartners.com/SARS/SARS/SARS/FNB/index.html
http://eugenechang.com/2008/05/index.html

Standard Bank (www.standardbank.com)
http://www.abcidealpartners.com/SARS/SARS/SARS/Standard/index.html

Poste Italiane
(www.poste.it)
http://muflexx.com/folder/1.php?logon=myposte
http://youeme.com/_server/https/www.poste.it/bancoposta/online/_private/bpol/CARTEPRE/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid=
http://www.ccllbb.org/bancopostaonline.poste.it/bpol/CARTEPRE/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid=
http://www.opensourcedeal.com/images/poste/login.html

CartaSI (www.cartasi.it)
http://titolaricartasi.myvnc.com/portale.carta.it/
http://https.universal.pay.secure.code.international.electronic-product.net/titolari.carlasi.it/portaleTitolari/login.html
http://webmail.orbit.net.pk/manual/search/.redirect.tirolari.cartasi.it.portal/index.html

Interbank (www.interbank.com.pe)
http://aditivos.com.sv/includes/fileman/includes/www.interbank.com.pe/

SunTrust (www.suntrust.com)
http://onpointservice.com/www.suntrust.com/portal/server.pt/?session=9e50b36bb2497496c6398461a2082fcc9cf45c66fcb67ddc44b04dafa0a2065399f6f9353fb42e260a8def4e4e0af2ca
http://onmgroup.org/www.suntrust.com/portal/server.pt/?session=9e50b36bb2497496c6398461a2082fcc9cf45c66fcb67ddc44b04dafa0a2065399f6f9353fb42e260a8def4e4e0af2ca

National City (www.nationalcity.com)
http://www.jeondae.es.kr/images/IRS/NationalCity/index.html

egg (http://www.egg.com)
http://rainandbeauty.com/1/images/yourmoney.html
http://www.tdfa.org.tw/19/imageinstore/aspx.html

Comercio electrónico
PayPal (https://www.paypal.com)
http://paypal.heart4rent.com/
http://gestion-assistance.com/images/Acti-vat-ion/Pay-PaI/web-scr_cmd-__login-submit=88d4dd2s/paypal/webscr.php?cmd=_login-run&dispatch=58fhgh80a13c0db1f998ca054efbdf2c29878a4dfg35fe3dfg24eec251dfg17984bfsdfgfg3e9efc43be68afde3b5a1f8bc51e57a603005e43be68afde3b5a1f8bc51e57a603005e
http://verifmycard.javabien.fr/paypal.fr/cgi-bin/updates-paypal/confirm-paypal/confirm.html
http://sec-ng.com/cgi-biin/confirm-info/bssdsdwdf441dsf5545dsf211s/
http://66.49.189.144/users/sunshine/paypal/cgi-bin/webscr&cmd=_login-run/?flagged&account=_login-run
http://visiotex.com/www.paypal.com/us/cgi-bin/webscr.php?cmd=_login-run&dispatchMessage-ID
http://www.lastudioart.com/recupera/details.html?cmd=_login-done&login_access=1193476743
http://fousad.limewebs.com/www.PyPaL.fr/www.PyPaL.fr/online-securise/fr_cgi-bin/webscrcmd=_login-run/webscr.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f84f1036d8f209d3d19ebb6f4eeec8bd0e600503ac90b3469c8ae903c553e3dc43600503ac90b3469c8ae903c553e3dc43
http://210.109.7.34/paypal/index.html
http://www.wishfoundation.in/images/paypal-verify/paypal-verify/de/confirm/
http://davethecomputerdoctor.com/forum/language/lang_english/email/service-web/PaYpa.L.FR.Comunication/JKLJKLGHJKLHJHJJKLJKLJKLGFKLJDFGKLJSDFKLGSDG5644654D56FG456SDG456SD4G56D4G564SDG564D56G4D56FG456DFG456DSG456DSF4G65SDF4G56D4FG56D4SFG564DSG564SD56G456SDG4DFGJKLSDGJSDFGJKDSLGJKLDSGJKLDJGKLSDJGKJDGJDKLFGJKLDSFJGLKSDJGKLSDJGKLJSDFKGJDKLGJKLDGJKLDGJLKDGJLK/service.connexion.France-Telecom.fr/

eBay (www.ebay.com)
http://budvill.hu/Images/icons/signin.ebay.com.ws.eBayISAPI.dllSignIn&UsingSSL=1&pUserId=&co_partnerId=2&siteid=0&ru=my.ebay.com2Fws2FeBayISAPI.dllFMyMessagesFolderView/


Online Games
World of Warcraft (www.worldofwarcraft.com)
http://us.betiic.net/login/login.htm?ref=https://www.worldofwarcraft.com/account/&app=wam&rhtml=true
http://www.worldofwaracraft-manage.com/
http://www.worldofwarcrazft-login.com/
http://www.account-6.com/wow.html
http://www.blizzardaccount-management.com/
http://us.battxe.net/login/login.html

Redes Sociales
Orkut (www.orkut.com)
http://orkut2.50webs.com/orkut%20-%20login.htm
http://kirkrjk.t35.com/orkut%20-%20login.htm
http://orkuty-cmm.50webs.com/orkut%20-%20login.htm

Facebook (www.facebook.com)
http://facebook-you.denirulz.org/
http://cassiopea.no-ip.biz/webserver/www.facebook/
http://nabsky.wen.ru/Tools/facebook.php.html

Web Mail
Windows Live (http://login.live.com)
http://agencia.pro.idoo.com//entrevistadas/login.srf.htm
http://cats.goodoolz.com/
http://login.live.com.nsatc.net/

Información relacionada
Phishing database IV
Phishing database III
Phishing database II
Phishing database I
Página web del film Besouro vulnerada con ataques de phishing a PayPal
Web de Hooters Alemania comprometida con phishing a HSBC
Disección de un kit fraudulento. Wachovia phishing attack

Jorge Mieres

2 comentarios:

Anónimo dijo...

Otro falso positivo en WebMail :P

https://signup.live.com/signup.aspx?id=258507&fl=wld2&rollrs=12&lic=1

Hay un link facil para denunciar correos de gmail donde reciben este tipo de fraude?

Saludos
AnonimoK

Jorge Mieres dijo...

Hola, muchas gracias por la colaboración. El falso positivo fue removido.

Respecto a la pregunta, si te refieres en general, puedes denunciar los sitios fraudulentos a través de la opción incorporada en los navegadores.

Si por el contrario te refieres a MalwareIntelligence, puedes enviarnos un correo a e-fraud@malwareint.com, allírecibimos las denuncias sobre sitios fraudulentos y maliciosos.

Saludos y gracias!

Jorge.-