Article written

  • on 10.09.2007
  • at 07:00 AM
  • by David

category: website

The Newest Phishing Lure: Hex IPs View Comments

Sep10

I got this e-mail on Saturday:

 

Dear Bank of America client,

 

You have received this email because you or someone had used your account from different locations.For security purpose, we are required to open an investigation into this matter.

In order to safeguard your account, we require that you confirm your banking details.

The help speeed up to this process, please access the following link so we ca complete the verification of your Bank of America Online Banking Account registration information.

http://0×40164870/www.bankofamerica.com/sslencrypt218bit/online_banking

If we do no receive the appropriate account verification within 48 hours, then we will assume this Bank of America account is fraudulent and will be suspended.

The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community. We appreciate your support and understanding and thank you for your prompt attention to this matter.

Now this has all the hallmarks of a phishing scam, poor grammar, spelling, punctuation, and a bad premise for getting you to type in your personal information. Oh yeah and I don’t use BOA, so that was a help. I flagged it as a phishing scam in gmail and took a closer look at the address:

it almost looks like a weird subdomain:

http://0×40164870/www.bankofamerica.com/sslencrypt218bit/online_banking

That 0X40164870 bit is actually a IP address, just converted into hexadecimal. You can do this kind of thing yourself if you want, not phishing, but making hex IP addresses, there’s a really easy tool at KLOTH.NET that will convert an IP address for you, here’s an example using google:

 

First we ping Google from a command prompt (Start>>Run>> type cmd and press enter) type in ping www.google.com and you’ll get some stats, but more importantly for us, the IP address:

Google ping

We plug that address into KLOTH :

Screen Shot from Kloth.net

 

 

 

And we have the Hex version of Google’s address so going to http://0x40e9A968 will take us to google! The ’0x’ i used as a notification of a hex address.  So now that you know what it is, you can avoid it!

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • DZone
  • Fark
  • Furl
  • Live
  • Ma.gnolia
  • Propeller
  • Reddit
  • Slashdot
  • SphereIt
  • StumbleUpon
  • Technorati
Custom Search
  • http://www.nbamax.com nba news

    Thanks, I've been looking for a step-by-step guide for upgrading wordpress on GoDaddy for quite some time now.

  • http://spiritualhowto.com Spiritual Info

    Hey thanks for this. It's nice to know this kind of stuff!

  • http://www.morphdude.com Morphdude

    I always find it interesting how someone can put together and come up with some type of scam but they simply cannot spell worth a crap… Thanks for the info though. KLOTH net has been around a while and is a great site for lookups and other info.

  • http://www.gossipsandstars.info Iv

    I like it!

  • burdickrobert

    There is another link under the category of personal finance but it has nothing to do with finance. If you have difficulties in making payment, you can click the link named wachoviabank.com. You will have an expert helping you to fix your problems and you don’t have to go out of your home to get the service. What you need to do is to choose a button between the two “call us today” and “we’ll call you”. Don’t you think this service shows the attentiveness and consideration of the Wachovia? It’s really good in my opinion.

  • http://www.myeasypaymentcom.com/ Alex

    Thanks for sharing . This information is useful for me.

blog comments powered by Disqus

The KnightKnetwork is powered by WordPress and FREEmium Theme.
developed by Dariusz Siedlecki and brought to you by FreebiesDock.com