|
The phishing data file was a simple text file. Every time someone visited the phishing site and entered data, fields were added to the bottom of the file.
Here's a set of data from the file. In this example, I have replaced all characters entered from the phishing site with the redacting character "*"
========================================
Fri Jan 12, 2007 4:27 pm
User:
Pass:
Account state: **
-----------------------------------
First name: *******
Last name: **********
Address1: ****************
Address2:
City: *******
State: **
Zipcode: *****
Phone: ************
SSN: ***********
Mother: ******
Driver's license: ********
DOB: **********
Cardnumber: *******************
Expiry Date: *******
CVV: ***
Visa COD: ***
IP: aaa.bbb.ccc.ddd
Noteworthy:
* The web page script added a date+time stamp header.
* The User and Pass fields were always blank -- probably a lucky programming error!
* The IP address of the person visiting the site was detected and logged.
* There was no email address information collected or logged.
|
|
