| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon Dec 12 19:04:02 2005 From: greed at pobox.com (Graham Reed) Subject: Phishers now abusing dynamic DNS services pagvac writes: > What I mean is that the average user will trust more an URL when > seeing the word "paypal" in it as a domain name, rather than some > dodgy-looking numerical IP address, with a sub-directory called > "paypal". Most users won't even see or notice where the link goes, that's why it works. What you do need the hostname for is, to bypass the alarms on webmail services like Yahoo!, which will display a scary pop-up if you click on a link that's got a numeric IP address for the hostname. It won't alarm on most other types of names. At least, I was able to make up a name and point something in my domain at an arbitrary IP and Yahoo! stopped showing the warning. They may have a blacklist, which would catch phish sites once people know about the hostname. Of course, without HTML mail, they wouldn't be able to show one thing and mean another.... And eBay doesn't help the whole situation: if you read the HTML version of eBay "favorite search" mail, the links take you to some site other than eBay. (Actually, a doubleclick.net address--which is not resolvable on my network.) Fortunately, the plain-text version has right-to-ebay.com links.
Powered by blists - more mailing lists