Thursday, September 14, 2006

Interesting Phishing

I was a bit bored when I received another one of those phishing mails from someone pretending to be eBay at aw-confirm@ebay.com. That's a phishing scam that's been around for a while, just with some slight twists here and there. So for fun I decided to trace their route. Here are the results.

They covered their tracks with some masking IPs, but if I were to hazard an educated guess, I would say it came out of North Korea. It takes you to a site called www.tentile.com or 771.com.cn, both of which you would want to avoid. They are searching for information. They are doing what we call information harvesting.

Tracing route to 218.16.122.88 over a maximum of 30 hops

1 292 ms 99 ms 102 ms 10.195.36.1
2 7 ms 15 ms 9 ms gw04-vlan201.etob.phub.net.cable.rogers.com [66.185.90.129]
3 115 ms 9 ms 5 ms gw03.etob.phub.net.cable.rogers.com [66.185.93.161]
4 16 ms 7 ms 6 ms gw02-pos1-0.wlfdle.phub.net.cable.rogers.com [66.185.82.97]
5 23 ms 23 ms 40 ms igw01.vaash.phub.net.cable.rogers.com [66.185.80.190]
6 297 ms 386 ms 583 ms p14-0.core02.iad01.atlas.cogentco.com [154.54.12.89]
7 779 ms 489 ms 394 ms p10-0.core01.iad01.atlas.cogentco.com [154.54.2.29]
8 27 ms 28 ms * v3491.mpd01.iad01.atlas.cogentco.com [154.54.5.34]
9 59 ms 71 ms 76 ms v3495.mpd01.dca01.atlas.cogentco.com [154.54.5.61]
10 81 ms 67 ms 55 ms t2-3.mpd01.iah01.atlas.cogentco.com [154.54.2.166]
11 858 ms 312 ms 282 ms t7-1.mpd01.lax01.atlas.cogentco.com [154.54.5.194]
12 96 ms 110 ms 114 ms g3-0-0.core01.lax01.atlas.cogentco.com [154.54.1.33]
13 92 ms 187 ms 198 ms p6-0.core01.lax04.atlas.cogentco.com [66.28.4.202]
14 171 ms 166 ms 172 ms chinatelecom.lax04.atlas.cogentco.com [154.54.10.198]
15 740 ms 537 ms 548 ms 202.97.51.173
16 509 ms 527 ms 506 ms 202.97.33.105
17 604 ms 613 ms 608 ms 202.97.40.106
18 * 718 ms 773 ms 202.97.26.93
19 1182 ms 979 ms 658 ms 218.16.126.21
20 1049 ms 1213 ms 1228 ms 218.16.126.58
21 1013 ms 1017 ms 983 ms 218.16.126.213
22 1363 ms 719 ms 790 ms 218.16.122.88

Trace complete.