Stage1
12-11-2005, 01:09 PM
I recieved an email from cyoto that someone is phishing from my account how this happened i do not know but i am unsure how to remove this problem, here is a copy of the email, i also have no clients and am currently stil setting up my business:
The site is back online - pleaae shut it down again.
Dear Sirs:
Cyota, an anti-fraud and security company, is under contract to assist Royal Bank of Canada and its related entities (R20;RBCR21;) - A leading Canadian bank - in preventing or terminating online activity that targets RBCR17;s clients as potential fraud victims.
Cyota has been made aware that you appear to be providing Internet Services to a fraudulent Web site, which is part of a R20;phishing scamR21;*. This activity violates RBCR17;s copyright, trademark and other intellectual property rights and may violate the criminal laws of Canada, the United States and other nations.
E-mail messages have been broadly distributed to individuals by a person or entity pretending to be RBC. These e-mails use RBCR17;s name and identity (including trademarks) without authorization. The e-mails request recipients to verify and submit sensitive details related to their RBC accounts.
Within the fraudulent e-mail message, there is a link that leads the recipients to a fraudulent website displaying RBCR17;s copyrighted materials and trademarks. The fraudulent website is located at the following URL address http://66.29.18.51/images/stories/food/cgi-bin/rbaccess/rbunxcgiF6=1&F7=IB&F21=IB&F22/IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH/ ) to which you provide services and which is under your control.
The fraudulent website not only represents a misuse of RBCR17;s intellectual property; its purpose is to improperly obtain personal information of RBC customers in order to fraudulently access their bank accounts. The people behind those websites typically perpetrate identity-theft related activities, such as using customerR17;s credit cards or bank accounts without authorization. In addition, since the vast majority of all of the e-mails are not being sent to actual RBC customers, the actions serve to damage the reputation and image of RBC.
Please take all necessary steps to immediately shut down the fraudulent website, terminate its availability to the Internet and discontinue the transmission of any e-mails associated with this website.
We understand that you may not be aware of this improper use of your services and we appreciate your cooperation. We specifically would ask that you also take the following actions:
R26; Please provide us with a tar/zip file of the source code for this site, so that we may analyze it to help prevent further attacks.
R26; If any customer data has been captured that is stored on your systems or equipment, please send us that data so that the customers to whom that data relates can be notified and take steps to protect their credit.
R26; Please provide a copy of any records you maintain that indicate the name, contact information, method of payment or similar information that may be useful in helping learn the identity and location of the customer for whom the website has been operated.
Thank you for your cooperation to prevent and terminate this fraudulent activity.
The site is back online - pleaae shut it down again.
Dear Sirs:
Cyota, an anti-fraud and security company, is under contract to assist Royal Bank of Canada and its related entities (R20;RBCR21;) - A leading Canadian bank - in preventing or terminating online activity that targets RBCR17;s clients as potential fraud victims.
Cyota has been made aware that you appear to be providing Internet Services to a fraudulent Web site, which is part of a R20;phishing scamR21;*. This activity violates RBCR17;s copyright, trademark and other intellectual property rights and may violate the criminal laws of Canada, the United States and other nations.
E-mail messages have been broadly distributed to individuals by a person or entity pretending to be RBC. These e-mails use RBCR17;s name and identity (including trademarks) without authorization. The e-mails request recipients to verify and submit sensitive details related to their RBC accounts.
Within the fraudulent e-mail message, there is a link that leads the recipients to a fraudulent website displaying RBCR17;s copyrighted materials and trademarks. The fraudulent website is located at the following URL address http://66.29.18.51/images/stories/food/cgi-bin/rbaccess/rbunxcgiF6=1&F7=IB&F21=IB&F22/IB&REQUEST=ClientSignin&LANGUAGE=ENGLISH/ ) to which you provide services and which is under your control.
The fraudulent website not only represents a misuse of RBCR17;s intellectual property; its purpose is to improperly obtain personal information of RBC customers in order to fraudulently access their bank accounts. The people behind those websites typically perpetrate identity-theft related activities, such as using customerR17;s credit cards or bank accounts without authorization. In addition, since the vast majority of all of the e-mails are not being sent to actual RBC customers, the actions serve to damage the reputation and image of RBC.
Please take all necessary steps to immediately shut down the fraudulent website, terminate its availability to the Internet and discontinue the transmission of any e-mails associated with this website.
We understand that you may not be aware of this improper use of your services and we appreciate your cooperation. We specifically would ask that you also take the following actions:
R26; Please provide us with a tar/zip file of the source code for this site, so that we may analyze it to help prevent further attacks.
R26; If any customer data has been captured that is stored on your systems or equipment, please send us that data so that the customers to whom that data relates can be notified and take steps to protect their credit.
R26; Please provide a copy of any records you maintain that indicate the name, contact information, method of payment or similar information that may be useful in helping learn the identity and location of the customer for whom the website has been operated.
Thank you for your cooperation to prevent and terminate this fraudulent activity.