Maybank2U Phishing

Comments

  1. mrhenri says:

    Another thing is you can see the “lock” icon at the bottom of the browser. It contains the identity of the website. Mind you, to obtain SSL certificate is not easy as we all thought. If your spelling salah even one, you have to re-do it all over again… In this case, the SSL provider for that maybank.ws is doubtful, as it didn’t mention the issuer of the certificate . Valid SSL provider would be Thawte,Verisgn, to name a few.

  2. pinolobu says:

    i am not 100% sure about this, but even if the bad guys get your login id and password, they can’t transfer funds out of your account into another, unless they know you hp no and somehow impersonate you to get the TAC code.

  3. Vee says:

    :-( Malaysian will be banned forever from being clickbank affiliate lah kalau macam ni… bad impression…

  4. mrbadak says:

    pinolobu – on that page there is a field for handphone number. I think they will call the customer up and pretend to be the bank staff, and ask if they received any TAC request. If they do, then they will make up some other explanation in order for you to tell them the numbers. social engineering bah hehe.

    i think it can work on people who are not sure what’s going on and will just give the tac number.

    cuz you are right, they can’t do anything without the tac number but that won’t stop them from trying.. of course it’s harder la with this extra authentication protection… BCB/CIMB also just started this on their site…

  5. mrBadak.com says:

    Maybank2U Phishing Part II…

    Following up on my blog post on Maybank2U phishing site, if you open the fake site using Firefox, this is what you’ll see (click on the thumbnail below to see a larger version).

    Yeay for Google and Firefox!

    ……

  6. colbert says:

    i got this early nov too. so bad man

  7. darksoft says:

    heee heee. nowdays ppl getting know a lil bit of philser. gonna do nu-style :p

  8. […] The usual trick done by them : They may be showing the real-looking link, such: https://secure.maybank2u.com.my/bla/bla/bla.. but, when clicked, the actual link wasn’t as showed, instead, it rather different. The real-looking link may confuse you down to provide your information to the wrong guy. Read More. […]