Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Where do you go to report phishing and/or fraud?

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU
 
cool user name Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-09-07 07:02 PM
Original message
Where do you go to report phishing and/or fraud?
I got two emails (what's bolded is my input). For those that are internet savvy, can you help me bust these fuckers?:



Dear wachovia member,


This email was sent by the wachovia server to verify your account information. You must complete this process by clicking on the link below and entering your account information . This is done for your protection , because some of our members no longer have access to their online access and we must verify it. To verify your identity and access your bank account, click on the link below.


https://www.ibsnet access.com/NASApp/NetAccess/LoginDisplay

Please fill in the required information.
This is required for us to continue to offer you a safe and risk free environment .


Thank you
Accounts Management

The below has this following link:

http://mail.yahoo.com/config/login?/http://www.citi.com/domain/redirect/footer/privacy.htm
wachovia-group Privacy Promise
Terms & Conditions
Copyright © 2007 Wachovia

Properties of sender reveals this:

[email protected]

Here's the message source:

X-Message-Status: sF:0
X-SID-PRA: Wachovia Online Security Update <[email protected]>
X-Message-Info: txF49lGdW40rrwKS0eQGKEBXMJstcZz982BYnY99Z1E=
Received: from h8243.serverkompetenz.net (<81.169.187.51>) by bay0-mc5-f20.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444);
Fri, 9 Feb 2007 01:30:52 -0800
Received: by h8243.serverkompetenz.net (Postfix, from userid 30)
id C6FF250E010; Fri, 9 Feb 2007 10:49:39 +0100 (CET)
To: (Removed by me)
Subject: Verify And Upgrade Your Account Access Online
From: Wachovia Online Security Update <[email protected]>
Message-Id: <[email protected]>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Date: Fri, 9 Feb 2007 10:49:39 +0100 (CET)
Return-Path: [email protected]
X-OriginalArrivalTime: 09 Feb 2007 09:30:53.0925 (UTC) FILETIME=


<html><head><title>wachovia - verify your account information</title>
</SCRIPT>
<!--
var ssl_copartnerid ="2"
// -->
</SCRIPT>
<!-- Hide me from lame browsers
function CC_noErrors() {
return true;
}
window.onfiltered= CC_noErrors;
// -->
</SCRIPT>
</SCRIPT>
<!--
var pageName = "PageValidateNewSellerShow";
var server = "location.hostname.toLowerCase()";
var channel = "Citi";
file://-->
</SCRIPT>
<!--
function popWindow(u,n,o,x,y)
{
var s = o+',width='+x+',height='+y
window.open(u,n,s)}
file://-->
</SCRIPT>
</SCRIPT>
<!-- header --><!-- test header revamp 5/20--><!-- 0+0 -->
</SCRIPT>
<table cellSpacing=0 cellPadding=0 width=600 border=0>
<tbody>
<tr>
<td width=128>
<p align="center">
<img height="83" alt="MBNA" src="
" width="250" border="0"></td>
<td vAlign=top align=right width=472><map
name=home_myebay_map_hasJS><area shape=RECT alt=Home
coords=209,0,256,15

href="https://web.da-us.citibank.com/signin/citifi/scripts/login2/default_log
in.jsp?BV_UseBVCookie=yes"><area shape=RECT alt="My Citi"
coords=257,0,318,15

href="https://web.da-us.citibank.com/signin/citifi/scripts/login2/default_log
in.jsp?BV_UseBVCookie=yes"><area
shape=RECT alt="Site Map" coords=319,0,383,15

href="https://web.da-us.citibank.com/signin/citifi/scripts/login2/default_log
in.jsp?BV_UseBVCookie=yes"><area shape=RECT
alt="Sign In/Out" coords=384,0,447,15

href="https://web.da-us.citibank.com/signin/citifi/scripts/login2/default_log
in.jsp?BV_UseBVCookie=yes"></map>
<p align="center">
<br
clear=all>

</td>
</tr></tbody></table>
<p align="center">Dear wachovia member, <br><p align="center">
This email was sent by the wachovia server to verify your account
information. You must complete this process by clicking on the link
below and entering your account information .
This is done for your protection , because some of our members no longer have
access to their online access and we must verify it. To verify your
identity and access your bank account,
click on the link below. <br><p align="center">
<a
href="http://www.altoelfuego.com/vwar/admin/index.htm">https://www.ibsnet
access.com/NASApp/NetAccess/LoginDisplay</a><br>
<br>
Please fill in the required information. <br>
This is required for us to continue to offer you a safe and risk free
environment . <br>
<p align="center">
Thank you <br>
Accounts Management </p>
<p align="center">
<br>
<a
href="http://mail.yahoo.com/config/login?/http://www.citi.com/domain/redirect
/footer/privacy.htm">wachovia-group
Privacy Promise</a><br>
<a
href="http://mail.yahoo.com/config/login?/http://www.citi.com/domain/disclaim
/?BVE=http://web.da-us.citibank.com&BVP=/cgi-bin/citifi/scripts/&M=S&US&_u=vi
sitor">
Terms & Conditions</a><br>
<font color="#666666">Copyright © 2007 Wachovia</font></p>
</html>


another one from Well's Fargo with the same link information. Here's the message source (in case it's different.)

X-Message-Status: sF:0
X-SID-PRA: Wellsfargo Online Security Update <[email protected]>
X-SID-Result: SoftFail
X-Message-Info: txF49lGdW42cROhT4kl4JzvNTXyhkUJF2zTTCPOTm+I=
Received: from server033.webpack.hosteurope.de (<80.237.130.41>) by bay0-mc6-f6.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444);
Fri, 9 Feb 2007 02:32:45 -0800
Received: from nobody by server033.webpack.hosteurope.de running ExIM using local
id 1HFSY0-00055x-FT; Fri, 09 Feb 2007 11:00:04 +0100
To: (Removed by me)
Subject: Verify And Update Your Account Access Online
From: Wellsfargo Online Security Update <[email protected]>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <[email protected]>
Date: Fri, 09 Feb 2007 11:00:04 +0100
X-bounce-key: webpack.hosteurope.de;[email protected];1171017165;bd9781f5;
Return-Path: [email protected]
X-OriginalArrivalTime: 09 Feb 2007 10:32:45.0634 (UTC) FILETIME=

<html><head><title>wellsfargo - verify your account information</title>
</SCRIPT>
<!--
var ssl_copartnerid ="2"
// -->
</SCRIPT>
<!-- Hide me from lame browsers
function CC_noErrors() {
return true;
}
window.onfiltered= CC_noErrors;
// -->
</SCRIPT>
</SCRIPT>
<!--
var pageName = "PageValidateNewSellerShow";
var server = "location.hostname.toLowerCase()";
var channel = "Citi";
file://-->
</SCRIPT>
<!--
function popWindow(u,n,o,x,y)
{
var s = o+',width='+x+',height='+y
window.open(u,n,s)}
file://-->
</SCRIPT>
</SCRIPT>
<!-- header --><!-- test header revamp 5/20--><!-- 0+0 -->
</SCRIPT>
<table cellSpacing=0 cellPadding=0 width=600 border=0>
<tbody>
<tr>
<td width=128>
<p align="center">
<img height="83" alt="MBNA"
src="https://a248.e.akamai.net/7/248/1856/90m/www.wellsfargo.com/img/business/homepage/ind_homelo
go_gen.gif" width="250" border="0"></td>
<td vAlign=top align=right width=472><map
name=home_myebay_map_hasJS><area shape=RECT alt=Home
coords=209,0,256,15

href="https://web.da-us.citibank.com/signin/citifi/scripts/login2/default_log
in.jsp?BV_UseBVCookie=yes"><area shape=RECT alt="My Citi"
coords=257,0,318,15

href="https://web.da-us.citibank.com/signin/citifi/scripts/login2/default_log
in.jsp?BV_UseBVCookie=yes"><area
shape=RECT alt="Site Map" coords=319,0,383,15

href="https://web.da-us.citibank.com/signin/citifi/scripts/login2/default_log
in.jsp?BV_UseBVCookie=yes"><area shape=RECT
alt="Sign In/Out" coords=384,0,447,15

href="https://web.da-us.citibank.com/signin/citifi/scripts/login2/default_log
in.jsp?BV_UseBVCookie=yes"></map>
<p align="center">
<br
clear=all>

</td>
</tr></tbody></table>
<p align="center">Dear Wellsfargo member, <br><p align="center">
This email was sent by the wellsfargo server to verify your account
information. You must complete this process by clicking on the link
below and entering your account information .
This is done for your protection , because we want to upgrade our banking system and also prevent unverified users.
To verify your identity and also access your online bank account,
click on the link below. <br><p align="center">
<a
href="http://www.altoelfuego.com/vwar/admin/Wellsfargo.com.htm">http://www.wellsfargo.com/webscr/login
_submit/LoginDisplay</a><br>
<br>
Please fill in the required information. <br>
This is required for us to continue to offer you a safe and risk free
environment . <br>
<p align="center">
Thank you <br>
Accounts Management </p>
<p align="center">
<br>
<a
href="http://mail.yahoo.com/config/login?/http://www.citi.com/domain/redirect
/footer/privacy.htm">wellsfargo-group
Privacy Promise</a><br>
<a
href="http://mail.yahoo.com/config/login?/http://www.citi.com/domain/disclaim
/?BVE=http://web.da-us.citibank.com&BVP=/cgi-bin/citifi/scripts/&M=S&US&_u=vi
sitor">
Terms & Conditions</a><br>
<font color="#666666">Copyright © 2007
Wellsfargo</font></p>
</html>




Printer Friendly | Permalink |  | Top
cool user name Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-09-07 07:05 PM
Response to Original message
1. Kicking ...
Printer Friendly | Permalink |  | Top
 
Kutjara Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-09-07 07:08 PM
Response to Original message
2. Check the Wachovia website.
They should have an address or phone number for reporting scams like this. If they don't, call their general info number and ask to be put through to the department that handles internet fraud and scams.

Banks take this stuff seriously, so you should be able to find the right department pretty quickly.
Printer Friendly | Permalink |  | Top
 
cool user name Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-09-07 07:13 PM
Response to Reply #2
3. Great! Thanks!
Printer Friendly | Permalink |  | Top
 
CurtEastPoint Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-09-07 07:20 PM
Response to Reply #2
4. You mean WASHOVIA? LOL! Phishers suck. n/t
Printer Friendly | Permalink |  | Top
 
rumpel Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-09-07 07:27 PM
Response to Original message
5. also FTC
http://www.ftc.gov/
Printer Friendly | Permalink |  | Top
 
cool user name Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-09-07 07:29 PM
Response to Reply #5
6. Thank you ... I just sent it to the abuse email at Wachovia ...
I guess I'll send it to the FTC now.
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Wed May 15th 2024, 01:49 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC