[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44.0602222339160.8837-100000@bugsbunny.castlecops.com>
Date: Wed, 22 Feb 2006 23:39:50 -0500 (EST)
From: Paul Laudanski <zx@...tlecops.com>
To: Steve Friedl <steve@...xwiz.net>
Cc: bugtraq@...urityfocus.com
Subject: Re: Amazon phishing scam on Yahoo servers
Excellent then, they got my email and ran with it. Amazing how fast this
whole thing was.
On Tue, 21 Feb 2006, Steve Friedl wrote:
> On Tue, Feb 21, 2006 at 02:40:41AM -0500, Paul Laudanski wrote:
> > servers, but their Abuse department closed at 5pm. A full 6 or so hours
> > to run before they open back up.
>
> Oh yah? Yahoo Paranoids jumped right on this...
>
> $ dig www.user-unlock-amazon.com a
>
> ; <<>> DiG 9.3.0 <<>> www.user-unlock-amazon.com a
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 13061
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.user-unlock-amazon.com. IN A
>
> (translation: the domain is dead at the Y! nameservers)
>
> Go Yahoo! :-)
>
> Steve
>
>
--
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com
[This message is for the designated recipient(s) only and may contain
privileged or confidential information. If you have received it in error,
please notify the sender immediately and delete the original. Any other
use of the email by you is prohibited.]
Powered by blists - more mailing lists