16 September 2006

SCAM ALERT : PBeBANK Account Phishing !!!

Another Scam involving PBeBANK account website by Public Bank Berhad.

Received an anonymous comment in my previous SCAM ALERT! - Public Bank PBeBANK Identity Theft post, this time sonething similar only with a different URL.


Anonymous said...

This cursed bastards had put up a similar website again at this url at http://www.archev.net/dotproject/classes/index.html

They redesign it but they still can't cheat on the URL link.

Go to Public Bank's website at http://www.pbebank.com/en/en_content/faq/pb_faq3.html

Check on the steps to verify bank's digital certificate method.



Upon checking out the link provided by anonymous reader I found this :

Fake PBeBANK Website (click on image for a larger version)




This is the Real PBeBANK Website

Looks like the recent attacks mainly targetted at PBeBANK website, perhaps its the weakness of their security system that enable these kinda bastard to exploits the weakness?

Whatever it is, as long as you dont login to any of your bank account through any email then you will be fine!

And of coz the Scam mail itself :



Plus a little discovery by the IT guru Mr.Kukujiao from kukujiao.com

earl-ku said...

after browsing the site, i have found that its also phishing for maybank2u users too

http://www.archev.net/dotproject/classes/complete.htm

by acessing this url

http://www.archev.net/dotproject/classes/update.php

i think someone should write a script to send gibberish user id and password non-stop to its server ... then crash kau the damn server

you guys should check the main page also ...

http://www.archev.net/

its said that it belongs to one Vladimir ABRAMYCHEV and he is a rofessional consultant with substantial experience in consulting, business development and project management of international development programmes. I have been involved on different stages in more than 50 technical assistance and management consultancy projects all around the world

and there is a pic of him there also ...


CON-sultant huh? No Wonder! Just be cautious ok? it always pays to be cautious, especially when money is involved.

Have a nice weekend matey!

2 comments:

  1. actually there is no weakness in this e-banking site, with the amount they spent on the infrastructure - i dont think so

    do you know that every major bank now has most of their budget allocation on the IT infrastructure and the systems that runs on it?

    making such a site is easy, you just save the whole damn kau site and the styling, put it onto another site, make sure all the formats are the same ... then a simple script with jsp, php, asp - to capture the username and password then saves it ...

    thats all ... the hard part is how to get real online users toogo login there only ...

    ReplyDelete
  2. after browsing the site, i have found that its also phishing for m2u users too

    http://www.archev.net/dotproject/classes/complete.htm

    by acessing this url

    http://www.archev.net/dotproject/classes/update.php

    i think someone should write a script to send gibberish user id and password non-stop to its server ... then crash kau the damn server

    you guys should check the main page also ...

    http://www.archev.net/

    its said that it belongs to one Vladimir ABRAMYCHEV and he is a rofessional consultant with substantial experience in consulting, business development and project management of international development programmes. I have been involved on different stages in more than 50 technical assistance and management consultancy projects all around the world

    and there is a pic of him there also ...

    ReplyDelete

Comments moderation ENableD.