Fellow blogger, Yasir Auleear, wrote today about a phishing email that he received. He shared the email header and we can see the message originated from www.pan.mr and not mcb.mu. He concluded that message to be an MCB IB phishing scam.

Image courtesy, yasirmx.net Image courtesy, yasirmx.net

PAN is an abbreviation for Port Autonome de Nouadhibou as seen on the www.pan.mr website. The cyber criminal(s) behind the MCB IB phishing scam compromised this website & used its mailserver. Currently, part of the website does not look good ^^

www-pan-mr

The website runs on Joomla and web trails indicate it has been defaced & compromised in the past as well. At the moment the website is slow to load, which could be the result from a busy server sending tons of emails :-)


What is phishing?

Phishing is an attempt to obtain sensitive or personal information using the electronic mail to impersonate someone. Sensitive information could be usernames, passwords, credit card numbers & pin. Phishing is a type of scam that often leads to loss of money, in case of internet banking, or identity thefts. Phishing emails may also contain links to websites that are malware infected. This cause a greater risk to data loss.

Phishing remains a continual threat even in 2015 and the risk is somehow changing shape and rising with the growing number of social network users. Cyber criminals are now targeting user on social network sites with similar technique as in phishing emails. Users are tempted to believe in a text/post and click on links that lead to an external website either hosting malware or designed to capture sensitive information such as usernames and passwords.