At 02:17 PM 4/3/2006, neal rauhauser wrote:
Got this forwarded to me by an associate - seems he tried the usual channels and is having no luck. I suppose there are professional phishermen out there but it sure would be nice to cut to the Chase on this one. Heh ... get it ... Chase?
--- phish report
We got a bunch of e-mails this morning, purporting to be from Chase.com; when you click the link in the message, though, you go to the following site;
hhhttp://cpe-24-221-82-147.mi.sprintbbd.net:81/colappmgr/colportal/prospect.ph... fpb=change_form
Hey United guys: chase.us? The registrar is appears absent again. Maybe you slam dunk it? This Chase phish is really getting out of hand. I'm getting them daily from 2 to 5 times in the last week. They are being very resilient on the page source. They're everywhere. Phish source: http://www.fugawi.net/~hannigan/chasephish.txt Spam: http://www.fugawi.net/~hannigan/chasespam.txt NS: Non-authoritative answer: chase.us nameserver = authns.lax.mysite.com. chase.us nameserver = authns.nyc.mysite.com. chase.us nameserver = authns.iad.mysite.com. Authoritative answers can be found from: authns.iad.mysite.com internet address = 64.136.35.146 authns.lax.mysite.com internet address = 64.136.28.28 authns.nyc.mysite.com internet address = 64.136.20.28 -M< -- Martin Hannigan (c) 617-388-2663 Renesys Corporation (w) 617-395-8574 Member of Technical Staff Network Operations hannigan@renesys.com