[funsec] CommBank cops sustained online fraud attack

quispiam lepidus quispiam.lepidus at gmail.com
Tue Jun 2 08:08:54 CDT 2009

On Tue, Jun 2, 2009 at 5:03 PM, Kane Lightowler <kanelists at gmail.com> wrote:
> More and more Australian base phishes each day. Would be an interesting
> statistic to plot a phish per capita statistic seeing though we are getting
> hit massively in comparison to our 21million population count. I guess our
> seemingly mature online banking infrastructure makes us a good fit target.
> In this instance they have also combined a vishing excercise.

Seen many thousands of these over the last 48 hours. Quite a few
variations, including one with a html attachment with a hefty chunk of
obsfucated javascript.

The one with the phone number (I sifted through ~10k commbank phish
and only came up with one unique number) is interesting. I just pinged
the phone number and it's still active, 2 rings then diverted to the
scammers, with the recorded message asking for card details. To
hesitate a guess, i'd say someone in Queensland is going to be
seriously pissed off when they get their next phone bill.

More information about the funsec mailing list