Message-ID: <Pine.LNX.4.21.0606211627110.3840-100000@linuxbox.org>
Date: Wed, 21 Jun 2006 16:29:10 -0500 (CDT)
From: Gadi Evron <ge@...uxbox.org>
To: full-disclosure@...ts.grok.org.uk
Cc: bugtraq@...urityfocus.com
Subject: phishing and comment spam


Today we received one of the first phish attempts to be made as a web spam
(comment spam / blog spam) attempt.

I wasn't convinced, and thought that perhaps it was a way to gather and
verify RELEVANT online identities. Someone put me straight. It's phishing.

I've often in the past had run-ins with the good folks in the anti-virus
realm back between 1996 and 2005 who thought Trojan horses and then
spyware were not part of their business. Years later the AV business
people ruled it is part of their business and ran to catch up. Same with
botnets.
I've often had friendly discussions with anti-spam folks who said phishing
isn't part of the spam problem, or interesting to them. Or that if spam is
done on a medium other than email, it obviously isn't spam and needs a new
name.

They were wrong. I wasn't very smart in how I approached the subject
matter, though.

Today, most anti-spam experts consider phishing a priority. Today, Trojan
horses, bots and spyware are considered a priority with AV-ers.

Web-related spam is still in the terminology and turf fighting stage, but
with the increasing ROI and interest combined with the decreased success
of other mediums over time, we can see the results for ourselves.

Where there is ROI, the Bad Guys adapt. The Good Guys are a step behind
regardless of faith, as we are inherently reactive. Still, we should stop
being surprised. :)

Today, phishing makes the transition to yet another medium, which is
comment spam.

Here is a quote of the phish, as it came in the comment spam earlier
today:

"HEllo, i just wanted to say, after 3 years of playing neopets, i have
gotten bored with it and have decided to quit. insted of letting my
neopoints and items just sit there and rot, i am gonna give them away. in
my years of playing i have made about 6 million neopints and have a couple
million neopoints worth of items. all you need to do is send me your
screenname and password so i can put the stuff in your account and a
reason stating why i should give you my hard earned items."

So, we start with neopets and move on to the rest. Welcome phishing to yet
another distribution channel, the world of comment spam.

	Gadi.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

