ICFI InTech Computer Forensics Examinations

Internet Alerts

Virus Alert

Warning Phishing Email

The emails below are good examples of attempts to steal personal financial information by email: each one tries to get you to enter your personal information.

March 31/2008

You may receive an apparently harmless e-mail titled "Mail Server Report"

If you open either file, a message will appear on your screen saying:
'It is too late now, your life is no longer beautiful.'

Subsequently you will LOSE EVERYTHING IN YOUR PC, And the person who
sent it to you will gain access to your name, e-mail and password.

This is a new virus which started to circulate on Saturday afternoon.
AOL has already confirmed the severity, and the anti virus software's
are not capable of destroying it.

The virus has been created by a hacker who calls himself 'life owne.

PLEASE SEND A COPY OF THIS E-MAIL TO ALL YOUR FRIENDS, And ask them to
PASS IT ON IMMEDIATELY!

THIS HAS BEEN CONFIRMED BY SNOPES


http://www.snopes. com


Mail Message:

Date received: 3/3/2008 10:01 AM

Dear Customer,

American National Bank Of Texas temporarily suspended your account.
Reason: Billing failure.
We require you to complete an account update so we can unlock your account.
 

To start the update process click here.

[ Suspicious URL: 1289668154:84/american/ ] Do not click on it.

This IP address was traced to:

adsl-76-222-198-58.dsl.pltn13.sbcglobal.net

Once you have completed the process, we will send you an email notifying
that your account is available again. After that you can access your account at
any time.

The information provided will be treated in confidence and stored in our secure database.
If you fail to provide required information your account will be automatically
deleted from American National Bank Of Texas database.

Copyright © American National Bank Of Texas, All Rights Reserved

Trace IP Information

http://76.222.198.58:84/american/

76.222.198.58 is from United States(US) in region North America


TraceRoute to 76.222.198.58 [adsl-76-222-198-58.dsl.pltn13.sbcglobal.net]

Hop (ms) (ms) (ms) IP Address Host name
1 0 1 0 66.98.244.1 gphou-66-98-244-1.ev1servers.net
2 0 0 0 66.98.241.6 gphou-66-98-241-6.ev1servers.net
3 0 0 0 66.98.240.13 gphou-66-98-240-13.ev1servers.net
4 1 1 2 129.250.11.137 ge-1-11.r04.hstntx01.us.bb.gin.ntt.net
5 1 1 1 129.250.4.233 xe-1-3-0.r20.hstntx01.us.bb.gin.ntt.net
6 9 11 12 129.250.3.129 as-0.r20.dllstx09.us.bb.gin.ntt.net
7 7 6 12 129.250.4.38 po-2.r03.dllstx09.us.bb.gin.ntt.net
8 9 9 11 151.164.249.81 ex2-g3-0-2.eqdltx.sbcglobal.net
9 52 52 52 151.164.42.101 -
10 52 53 53 76.246.22.64 -
11 62 62 64 76.222.198.62 adsl-76-222-198-62.dsl.pltn13.sbcglobal.net
12 64 61 60 76.222.198.58 adsl-76-222-198-58.dsl.pltn13.sbcglobal.net

Trace complete
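
The link in the email writes its host as the single number 1289668154, which is the traced address 76.222.198.58 expressed as one 32-bit integer. The Python sketch below is an added example, not part of the original alert; it decodes the numeric host forms that browsers accept and flags the unusual port, and its function names are illustrative.

```python
import ipaddress
import re
from urllib.parse import urlsplit

_NUM = re.compile(r"0[xX][0-9a-fA-F]+|[0-9]+")

def _part(p):
    """Parse one component the way inet_aton does: 0x = hex, leading 0 = octal."""
    if not _NUM.fullmatch(p):
        raise ValueError(p)
    if p[:2].lower() == "0x":
        return int(p, 16)
    return int(p, 8) if len(p) > 1 and p[0] == "0" else int(p, 10)

def decode_ipv4_host(host):
    """Return the dotted quad for any numeric IPv4 host form, or None for a name."""
    pieces = host.split(".")
    if not 1 <= len(pieces) <= 4:
        return None
    try:
        *head, last = [_part(p) for p in pieces]
    except ValueError:
        return None
    # Leading parts are single bytes; the last part fills all remaining bytes.
    if any(n > 255 for n in head) or last >= 256 ** (4 - len(head)):
        return None
    value = last
    for i, n in enumerate(head):
        value |= n << (8 * (3 - i))
    return str(ipaddress.IPv4Address(value))

def triage_link(url):
    """Return (decoded_ip_or_None, findings) for a link copied from an email."""
    if "://" not in url:
        url = "http://" + url            # the link above is quoted without a scheme
    parts = urlsplit(url)
    host = parts.hostname or ""
    ip = decode_ipv4_host(host)
    findings = []
    if ip is not None:
        findings.append("host is a bare IP address, not a domain name")
        if host != ip:
            findings.append("IP address is disguised as " + host)
    if parts.port not in (None, 80, 443):
        findings.append("non-standard port %d" % parts.port)
    return ip, findings
```

Calling triage_link("1289668154:84/american/") returns the decoded address together with all three findings.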
 

 

Warning suspect Phishing Email

Received 3/06/08

Dear Amarillo National Bank Customer,

This is your official notification from Amarillo National Bank, your online account has expired. If you want
to continue using our service you have to renew your online account. If not, your online account
will be deactivated and deleted.


To continue click here, complete the renew form with your current
information. [ Suspicious URL: www.anbclients.com ]

Many Thanks and Kind Regards - Amarillo National Bank - Update Department

 

anbclients.com may be a bogus domain, as it is hosted by yahoo.com and registered to an individual in New Jersey.

Whois Information

Domain Name.......... anbclients.com
Creation Date........ 2008-03-07
Registration Date.... 2008-03-07
Expiry Date.......... 2009-03-07
Organisation Name.... Kaitlin Mccann
Organisation Address. 10 PROVOST AVE
Organisation Address. KEYPORT
Organisation Address. 07735
Organisation Address. NJ
Organisation Address. UNITED STATES

Admin Name........... Kaitlin Mccann
Admin Address........ 10 PROVOST AVE
Admin Address........ KEYPORT
Admin Address........ 07735
Admin Address........ NJ
Admin Address........ UNITED STATES
Admin Email.......... mccann.kaitlin@yahoo.com
Admin Phone.......... +1.7327390212

Tech Name............ YahooDomains TechContact
Tech Address......... 701 First Ave...
Tech Address......... Sunnyvale
Tech Address......... 94089
Tech Address......... CA
Tech Address......... UNITED STATES
Tech Email........... domain.tech@YAHOO-INC.COM
Tech Phone........... +1.6198813096
Name Server.......... yns1.yahoo.com
Name Server.......... yns2.yahoo.com
 

Trace Information

216.39.62.109 is from United States(US) in region North America


TraceRoute to 216.39.62.109 [anbclients.com]

Hop (ms) (ms) (ms) IP Address Host name
1 7 2 1 66.98.244.1 gphou-66-98-244-1.ev1servers.net
2 0 0 0 66.98.241.12 gphou-66-98-241-12.ev1servers.net
3 0 0 0 66.98.240.15 gphou-66-98-240-15.ev1servers.net
4 1 0 0 38.99.206.177 gi0-8.na21.b015619-0.iah01.atlas.cogentco.com
5 1 1 1 66.28.64.65 gi4-2-1.core01.iah01.atlas.cogentco.com
6 6 6 6 66.28.4.97 po5-0.core01.dfw01.atlas.cogentco.com
7 99 20 6 154.54.2.94 te3-1.mpd01.dfw01.atlas.cogentco.com
8 6 7 7 66.28.4.174 te8-3.mpd01.dfw03.atlas.cogentco.com
9 13 6 11 154.54.10.6 yahoo.dfw03.atlas.cogentco.com
10 31 39 31 216.115.101.146 so-4-1-0.pat2.dce.yahoo.com
11 32 32 32 216.115.108.19 ge-2-1-0-p141.msr1.re1.yahoo.com
12 32 32 32 216.39.57.5 ge-1-45.bas-b2.re4.yahoo.com
13 32 32 31 216.39.62.109 p4w2.geo.re4.yahoo.com

Trace complete
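
The reasoning applied to anbclients.com (registered to an individual, served from a shared hosting provider) can be checked mechanically against a Whois record in the layout shown above. The Python sketch below is an added example, not part of the original alert: the sample record is constructed with placeholder values, and the bank name, bank domain and 30-day age threshold are assumptions.

```python
import re
from datetime import date

# Constructed sample in the same "Key.... value" layout as the lookup above;
# the domain, name and address are placeholders, not data from the page.
SAMPLE_WHOIS = """\
Domain Name.......... examplebank-clients.example
Creation Date........ 2008-03-07
Organisation Name.... Jane Doe
Organisation Address. 1 EXAMPLE ST
Organisation Address. NJ
Admin Email.......... jane.doe@webmail.example
Name Server.......... ns1.sharedhost.example
Name Server.......... ns2.sharedhost.example
"""

FIELD = re.compile(r"^([A-Za-z ]+?)\.+\s+(.*)$")

def parse_whois(text):
    """Collect each field's values in order; repeated keys (address lines) stay grouped."""
    record = {}
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if m:
            record.setdefault(m.group(1).strip(), []).append(m.group(2).strip())
    return record

def triage_domain(record, brand, brand_domain, received, min_age_days=30):
    """Return reasons the domain is unlikely to belong to the brand named in the email."""
    reasons = []
    created = date.fromisoformat(record["Creation Date"][0])
    age = (received - created).days
    if age < min_age_days:          # assumed threshold for a "freshly registered" domain
        reasons.append(f"domain was {age} day(s) old when the email arrived")
    owner = " ".join(record.get("Organisation Name", []))
    if brand.lower() not in owner.lower():
        reasons.append(f"registrant name does not mention {brand}")
    servers = record.get("Name Server", [])
    if not any(s.lower().endswith("." + brand_domain) for s in servers):
        reasons.append(f"name servers are outside {brand_domain}: " + ", ".join(servers))
    return reasons
```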
 

 

 

 


 

ICFI
InTech Computer
Forensics Investigations

517 N 9th Street
Midlothian, TX 76065
Phone: 972-723-0295
