Good day,
Un fortunately we have discovered a fourth
phishing site within the same IP which is:
http://217.108.248.234/local_bdnoc/bbx/index.html
Please, there are two different fraudulent URLs which are
creating many trouble to customer of BBVA Bank, therefore we need you immediate
collaboration to take them down in the shortest time.
Thank you very much for your information.
Kind regards.
Team SOC
S21SEC
-----------------------------------------------------
--------------------------------------
To Whom It May
Concern,
S21sec has been informed that there is currently a
website hosted by your company that is involved in a phishing scheme to obtain
personal account information from the customers of BBVA. S21sec has received numerous complaints and
e-mails regarding the Web site listed below:
http://217.108.248.234/local_bdno/bbx/index.html
http://217.108.248.234/local_bdnob/bbx/index.html
http://217.108.248.234/local_bdnoa/bbx/index.html
The web IP:
http://217.108.248.234/ shows a
Fedora Test Page.
lookup failed |
217.108.248.234 |
|
Could not find a domain name
corresponding to this IP address. |
Domain Whois record
Don't have a domain name for which to get a record
Network Whois record
Queried whois.ripe.net with "-B 217.108.248.234"...
%
Information related to '217.108.248.232 - 217.108.248.239'
inetnum:
217.108.248.232 - 217.108.248.239
netname:
FR-LA-RESERVE-A-RAMATUELLE
country:
FR
descr:
Interconnection with RAEI backbone
admin-c:
VD1393-RIPE
tech-c:
VD1393-RIPE
status:
ASSIGNED PA
mnt-by:
RAIN-TRANSPAC
changed:
gestip.rain@orange-ftgroup.com 20091009
source:
RIPE
person:
Vincent DG
address:
CHEMDE LA QUESSINE 83350 RAMATUELLE
phone:
+33 494791428
e-mail:
vincent.dg@lareserve-ramatuelle.com
nic-hdl:
VD1393-RIPE
mnt-by:
RAIN-TRANSPAC
changed:
gestip.rain@orange-ftgroup.com 20091009
source:
RIPE
%
Information related to '217.108.0.0/16AS3215'
route:
217.108.0.0/16
descr:
RAIN
descr:
Reseaux d'Acces a l'INternet
remarks:
-------------------------------------------
remarks:
For Hacking, Spamming or Security problems
remarks:
send mail abuse@orange-business.com
remarks:
-------------------------------------------
origin:
AS3215
mnt-by:
RAIN-TRANSPAC
changed:
gestip.rain@orange-ftgroup.com 20070910
source:
RIPE
--
end --
On behalf of BBVA, S21sec requests that the Web site(s) listed above
be deactivated and the domain name removed from your
servers. BBVA would like you to provide S21sec with the source code, including any data
collected, of this Web site for analysis to help prevent further phishing
schemes. If any customer data has been collected, it will be forwarded
to BBVA so that they may notify their customers regarding this issue
and take other appropriate actions as needed.
S21sec is the leading company specialized in
computer security services. It was founded in 2000 with the aim of preventing
and managing organization risks and people in the digital world.
Please contact us if any further information is required to expedite the
process of removing this Web site from service. If needed, forward this
e-mail and request to the appropriate contact that is able to deactivate this
site.
--
Security Operations Center (S.O.C.)
e-mail: antiphishing@s21sec.com
Phone
number: +34914903747
www.s21sec.com
Security Operations Center (S.O.C.)
Tlf: 902 111 521
www.s21sec.com
La información
contenida en este mail, así como los archivos adjuntos, es CONFIDENCIAL.
Grupo S21sec Gestión, S.A. garantiza la adopción de las medidas necesarias para
asegurar el tratamiento
confidencial de los datos de carácter personal. En el caso de que el
destinatario del correo no sea usted,
le rogamos envíe una notificación al remitente y lo destruya de forma
inmediata.
La lectura y/o
manipulación de esta información en la situación señalada anteriormente será
considerada ilegal,
permitiendo a la empresa remitente realizar acciones legales de diferente
envergadura.