lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44.0602222340370.8837-100000@bugsbunny.castlecops.com>
Date: Wed, 22 Feb 2006 23:41:04 -0500 (EST)
From: Paul Laudanski <zx@...tlecops.com>
To: Geoff Vass <geoff@...zow.com.au>
Cc: bugtraq@...urityfocus.com
Subject: RE: Amazon phishing scam on Yahoo servers


Thanks for the reply, I'm seeing all sorts of strange URLs being used for 
the popular sites such as banks and ebay, amazon, paypal.  Amazing isn't 
it?

On Wed, 22 Feb 2006, Geoff Vass wrote:

> Other domains used for phishing I have seen are paypal-unlocking.net,
> secure.commonwealth-banking.com and
> citibusinessonline.da-us.citybizcorp.com.
> 
> Surely someone, somewhere, has to take some responsibility for allowing
> domains to be created which are clearly and obviously bogus. Who could
> possibly have a reason to register paypal-unlocking.net?
> 
> It's also interesting to "Google" the names of the people registering
> some of these domains, I have seen a few who were famous for one reason
> or another. I wonder if it's possible to register a domain with the name
> George W Bush or F. Castro..
> 
> Cheers
> Geoff Vass
> 
> -----Original Message-----
> From: Paul Laudanski [mailto:zx@...tlecops.com] 
> Sent: Tuesday, 21 February 2006 18:11
> To: bugtraq@...urityfocus.com
> Subject: Amazon phishing scam on Yahoo servers
> 
> 
> We just got some emails for amazon phishing scams.  Turns out the scam 
> domain was registered just today (same day).  Internic and others aren't
> 
> reporting it, but Melbourne IT does.  Phishing site resides on Yahoo's 
> servers, but their Abuse department closed at 5pm.  A full 6 or so hours
> 
> to run before they open back up.
> 
> 
> Assessment:
> http://castlecops.com/a6531-Amazon_phishing_scam_on_Yahoo_servers.html
> 
> 

-- 
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com

[This message is for the designated recipient(s) only and may contain
privileged or confidential information.  If you have received it in error,
please notify the sender immediately and delete the original. Any other
use of the email by you is prohibited.]




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ