Detail:
Today i received the following phising attempt:





The landing page was: http://216.75.9.97/stornat/B05ATX-381BQ-16241624.EGV-T00672X/do.html


The landing page is a exact copy of https://banking.postbank.de/rai/login . In the phising process you are asked for your account number and the pin code. after you submit that information (very bad idea), you must enter detailed private information, i.e. Fullname, Address, ... The phising process is now complete and a cookie named nume (content: cevreitu) was created. The landing page now always redirects to the correct Postbank.de Loginpage.



The bad site is hosted by:


OrgName: CariNet, Inc.
OrgId: CARIN-6
Address: 8929 COMPLEX DR
City: SAN DIEGO
StateProv: CA
PostalCode: 92123
Country: US



I sent to mail to them, let's look what happens :)


UPDATE: landing page removed