MarkW
Member
Registered: 19th Mar 04
Location: Orpington, Kent
User status: Offline
|
Although Mav trashed the bloody thread before anyone could read it, v5uk posted a link to a site which was a bogus site for Barclays internet logon! Now whereas v5uk wanted to crash the site and spam it to death, which may have been fun though pointless - hence why Mav removed the thread. Anyway, thought I'd check it out, with some interesting results, so I emailed Barclays, as I thought it was best to make them aware etc:
I wouldn't click the link, especially if you use Barclays!
*************************
Dear Sir / Madam
A friend has made me aware of a link he received to a bogus website which looks exactly the same as the ibank.barclays.co.uk though it isn't!
The link my friend received, and which I also clicked on to see what it was:
http://211.24.171.149:8080/LoginMember.do/index.htm
Now, working in IT myself, I ran a simple tracert for the above IP, which shows the following:
Tracing route to 211.24.171.149 over a maximum of 30 hops
1 2 ms 1 ms 1 ms 192.168.0.1
2 12 ms 14 ms 12 ms gadamer-dsl.zen.net.uk [62.3.83.3]
3 13 ms 12 ms 12 ms erazmus-ge-0-0-1-1.wh.zen.net.uk [62.3.80.193]
4 19 ms 18 ms 19 ms lorenz-so-0-1-0-0.te.zen.net.uk [62.3.80.45]
5 18 ms 19 ms 19 ms 195.66.226.167
6 335 ms 338 ms * hgc.ge3-0.cr02.hkg03.pccwbtn.net [63.218.61.2]
7 * * * Request timed out.
8 385 ms 403 ms 382 ms global.hgc.com.hk [218.189.12.2]
9 386 ms 385 ms 562 ms 203.121.16.193
10 385 ms 388 ms 383 ms Ge0-3-0.core2.glsfb.time.net.my [203.121.16.34]
11 387 ms 384 ms 385 ms 203.121.17.21
12 385 ms 385 ms 386 ms Fe1-3-1.klpop4.glsfb.time.net.my [203.121.20.195]
13 386 ms 385 ms 385 ms 203.121.6.26
14 392 ms 388 ms 398 ms 210.19.244.1
15 403 ms 407 ms 401 ms 211.24.171.149
Trace complete.
Which to me looks as though the site is hosted at a datacentre somewhere in Hong Kong - most likely HGC's,
whereas a simple ping and tracert to ibank.barclays.co.uk
shows ibank.barclays.co.uk is at [62.172.239.139]
and tracert takes a totally different route:
Tracing route to ibank.barclays.co.uk [62.172.239.139]
over a maximum of 30 hops:
1 1 ms 1 ms 1 ms 192.168.0.1
2 13 ms 13 ms 12 ms gadamer-dsl.zen.net.uk [62.3.83.3]
3 14 ms 14 ms 14 ms bolzano-ge-0-0-1-1.wh.zen.net.uk [62.3.80.225]
4 13 ms 15 ms 16 ms erazmus-ge-0-0-0-0.wh.zen.net.uk [62.3.80.49]
5 30 ms 19 ms 19 ms lorenz-so-0-1-0-0.te.zen.net.uk [62.3.80.45]
6 19 ms 19 ms 19 ms linx6.ukcore.bt.net [195.66.226.17]
7 21 ms 19 ms 18 ms core1-pos1-0.ilford.ukcore.bt.net [194.74.65.118]
8 21 ms 25 ms 21 ms core1-pos14-0.reading.ukcore.bt.net [62.6.204.18]
9 25 ms 25 ms 24 ms core1-pos14-0.birmingham.ukcore.bt.net [62.6.204.149]
10 25 ms 24 ms 28 ms mspaccess2-gig1-0-0.birmingham.fixed.bt.net [62.6.196.12]
11 41 ms 33 ms 33 ms 212.140.222.150
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * ^C
As I am sure you are aware.
Please could you investigate this, as I would hate to be a victim of this type of crime, or anyone else to be for that matter. Could you please also inform me of what is done as well, as I was also going to forward this email to HGC as well - though I will leave that to your discretion.
Many thanks & best regards
Mark Whittaker
|
Tom
Member
Registered: 3rd Apr 02
Location: Wirral, Merseyside
User status: Offline
|
should you have posted all details above though?
|
Jambo
Member
Registered: 8th Sep 01
Location: Maidenhead, Drives: VXR Arctic
User status: Offline
|
good thing too
Fucking thieves. Scummers
|
Brett
Premium Member
Registered: 16th Dec 02
Location: Manchester
User status: Offline
|
quote: Originally posted by Tom
should you have posted all details above though?
Not really hard for anyone to retrieve
|
MarkW
Member
Registered: 19th Mar 04
Location: Orpington, Kent
User status: Offline
|
quote: Originally posted by Tom
should you have posted all details above though?
yeh they are simple tests anyone can do. Just basically proves that the bogus site is at a completely different address to the actual Barclays one. Bit like 2 different postcodes for the same address.
As I have a Barclays online account, I have an added interest to make sure Barclays know about it
|
Liam
Member
Registered: 19th Jan 06
Location: Stafford
User status: Offline
|
Good on you, can't stand fraudsters, hopefully they get it shut down.
|
Steve
Premium Member
Registered: 30th Mar 02
Location: Worcestershire Drives: Defender
User status: Offline
|
thanks i now have your external IP
|
mav
Member
Registered: 19th Jun 01
Location: Scotland
User status: Offline
|
should have posted it in correct forum then
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Online
|
Mark - WHOIS lookup on the IP will give you better ownership details.
http://www.dnsstuff.com/tools/whois.ch?ip=211.24.171.149
|
MarkW
Member
Registered: 19th Mar 04
Location: Orpington, Kent
User status: Offline
|
quote: Originally posted by Ian
Mark - WHOIS lookup on the IP will give you better ownership details.
http://www.dnsstuff.com/tools/whois.ch?ip=211.24.171.149
cheers
|
supacook2k
Member
Registered: 26th May 03
User status: Offline
|
This is what I got with the trace
Tracing route to 211.24.171.149 over a maximum of 30 hops
1 21 ms 20 ms 19 ms rt-loste11.dial.aol.com []
2 * * * Request timed out.
3 * 18 ms 20 ms accessl2-los-ae4.router.aol.com []
4 20 ms 20 ms 18 ms pop2-loh-S2-2-0.atdn.net [66.185.143.69]
5 18 ms 19 ms 18 ms p16-0-0-0.r22.londen03.uk.bb.verio.net [129.250.8.125]
6 102 ms 87 ms 88 ms p64-1-0-0.r21.nycmny01.us.bb.verio.net [129.250.2.38]
7 172 ms 183 ms 173 ms p64-0-0-0.r21.sttlwa01.us.bb.verio.net [129.250.5.16]
8 283 ms 282 ms 287 ms p64-1-3-0.r21.tokyjp01.jp.bb.verio.net [129.250.4.186]
9 269 ms 269 ms 268 ms ge-3-0-0.r00.tokyjp01.jp.bb.verio.net [129.250.3.146]
10 361 ms 359 ms 361 ms p1-2-0-0.r00.kslrml01.my.bb.verio.net [129.250.3.162]
11 361 ms 361 ms 361 ms p1-0-0-0.r01.kslrml01.my.bb.verio.net [129.250.3.61]
12 363 ms 362 ms 362 ms ge-1-0-0.a00.kslrml01.my.ra.verio.net [129.250.16.146]
13 362 ms 364 ms 363 ms 203.78.193.58
14 379 ms 365 ms 366 ms vlan500.msfc2.glsfb.time.net.my [203.121.16.26]
15 379 ms 378 ms 378 ms Ge0-3-0.core2.glsfb.time.net.my [203.121.16.34]
16 386 ms 385 ms 386 ms 203.121.17.21
17 366 ms 365 ms 365 ms Fe1-3-1.klpop4.glsfb.time.net.my [203.121.20.195]
18 386 ms 387 ms 386 ms 203.121.6.26
19 383 ms 381 ms 402 ms 210.19.244.1
20 399 ms 397 ms 396 ms 211.24.171.149
[Edited on 25-04-2006 by supacook2k]
|
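Added example, not part of any post in this thread: a small Python parser for the Windows tracert output pasted above, which rejoins address lines split by the forum's wrapping and compares the two paths. The function names are made up for this illustration, and the sample text is an excerpt of the thread's own output.

```python
import re

# Excerpts of the two traces posted in the thread (wrapped lines kept as pasted).
BOGUS = """\
4 19 ms 18 ms 19 ms lorenz-so-0-1-0-0.te.zen.net.uk [62.3.80.45]
5 18 ms 19 ms 19 ms 195.66.226.167
7 * * * Request timed out.
12 385 ms 385 ms 386 ms Fe1-3-1.klpop4.glsfb.time.net.my [203.121.20.195
]
15 403 ms 407 ms 401 ms 211.24.171.149
"""
REAL = """\
5 30 ms 19 ms 19 ms lorenz-so-0-1-0-0.te.zen.net.uk [62.3.80.45]
6 19 ms 19 ms 19 ms linx6.ukcore.bt.net [195.66.226.17]
10 25 ms 24 ms 28 ms mspaccess2-gig1-0-0.birmingham.fixed.bt.net [62.
6.196.12]
11 41 ms 33 ms 33 ms 212.140.222.150
12 * * * Request timed out.
"""

# Hop number, three probe results ("19 ms", "<1 ms" or "*"), then the address part.
HOP = re.compile(r"^\s*(\d+)\s+(?:(?:<?\d+ ms|\*)\s+){3}(.*)$")
# Either "hostname [a.b.c.d]" or a bare "a.b.c.d".
ADDR = re.compile(r"^(?:(\S+) \[)?(\d+(?:\.\d+){3})\]?$")

def parse_tracert(text):
    """Return [(hop, hostname or None, ip or None)], rejoining wrapped lines."""
    joined = []
    for line in text.splitlines():
        if HOP.match(line):
            joined.append(line.strip())
        elif joined and joined[-1].count("[") > joined[-1].count("]"):
            joined[-1] += line.strip()      # tail of an address split by the wrap
    hops = []
    for line in joined:
        num, rest = HOP.match(line).groups()
        m = ADDR.match(rest.strip())        # no match for "Request timed out."
        hops.append((int(num), m.group(1) if m else None, m.group(2) if m else None))
    return hops

def last_named_hop(hops):
    """Hostname of the last hop that answered with a reverse-DNS name."""
    return next((host for _, host, _ in reversed(hops) if host), None)

def shared_ips(a, b):
    """Router addresses that appear on both paths."""
    return {ip for _, _, ip in a if ip} & {ip for _, _, ip in b if ip}

if __name__ == "__main__":
    bogus, real = parse_tracert(BOGUS), parse_tracert(REAL)
    print(last_named_hop(bogus), last_named_hop(real), shared_ips(bogus, real))
```

On these excerpts the only router common to both paths is the ISP's own, and the last named hop differs between the two traces. Router names only show which carriers the packets crossed; the WHOIS lookup Ian links is what gives ownership of the final address.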