At 02:17 PM 4/3/2006, neal rauhauser wrote:
Got this forwarded to me by an associate - seems he tried the
usual channels and is having no luck. I suppose there are
professional phishermen out there but it sure would be nice to cut
to the Chase on this one. Heh ... get it ... Chase?
--- phish report
We got a bunch of e-mails this morning, purporting to be from
Chase.com; when you click the link in the message, though, you go to
the following site;
hhhttp://cpe-24-221-82-147.mi.sprintbbd.net:81/colappmgr/colportal/prospect.php?_n
fpb=change_form
Hey United guys: chase.us? The registrar is appears absent again.
Maybe you slam dunk it?
This Chase phish is really getting out of hand. I'm getting them
daily from 2 to 5 times
in the last week.
They are being very resilient on the page source. They're everywhere.
Phish source:
http://www.fugawi.net/~hannigan/chasephish.txt
Spam:
http://www.fugawi.net/~hannigan/chasespam.txt
NS:
Non-authoritative answer:
chase.us nameserver = authns.lax.mysite.com.
chase.us nameserver = authns.nyc.mysite.com.
chase.us nameserver = authns.iad.mysite.com.
Authoritative answers can be found from:
authns.iad.mysite.com internet address = 64.136.35.146
authns.lax.mysite.com internet address = 64.136.28.28
authns.nyc.mysite.com internet address = 64.136.20.28
-M<
--
Martin Hannigan (c) 617-388-2663
Renesys Corporation (w) 617-395-8574
Member of Technical Staff Network Operations
[EMAIL PROTECTED]
