Got this email in my gmail account this morning. An exceptionally good phish I must say...
When you hover over the 'verification' link it shows http://newlook.co.za/absa.co.za/ib.htmlDear Customer
Absa Bank have been receiving complaints from our Customers
about unauthorised use of their Online Bank Accounts.
As a result we periodically review certain Customers' Accounts and temporarily restrict access
to those which we think are vulnerable to unauthorised use.
This message has been sent to you from Absa Bank because
we have noticed some invalid login attempts into your account.
Due to this we are temporarily limiting and restricting
your account access until we confirm your identity.
To confirm your identity and avoid limitations to your Online Banking Access,
Please click on the button below
http://www.absa.co.za/
Thank You.
Legal Advisor
Absa Bank.
An exact replica of Absa's login page. Just the one frame that you require to put in your details in is fake the rest of it links directly to Absa's official site.
What I was wondering was:
1) How they got my email address? I'm not an Absa customer so how would the phish'ers know that myname@gmail.com belongs to a South African user?
2) the http://newlook.co.za looks like a legit site, have the phish'ers hacked and taken over the domain or would they just put up a fake site (with quite a bit of detail)?