Lovely little phishing scam arrived the other day:
To provide our customers the most effective and secure online access to their accounts, we are continually upgrading our online services. As we add new features and enhancements to our service, there are certain browser versions, which will not support these system upgrades. As many customers already know, Microsoft Internet Explorer has significant ‘holes’ or vulnerabilities that virus creators can easily take advantage of.
In order to further protect your account, we have introduced some new important security standards and browser requirements. SunTrust security systems require that you test your browser now to see if it meets the requirements for SunTrust Internet Banking.
Please sign on to Internet Banking in order to verify security update installation. This security update will be effective immediately. In the meantime, some of the Internet Banking services may not be available. (Don’t worry, the URL is safe to click on.)
Lovely, isn’t it? Get the punters worried about one thing so they don’t spot where you’re taking them with the other. Classic magician’s trick. And all spelt correctly too.
The compromised machine being used to host this site is at 18.104.22.168 (in the subdirectory /s). It’s in Italy and has open ports all over the place; you can even FTP into it but I couldn’t get a listing. (It’s a Windows machine.) Anyone care to see if they can get any further?