lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <A82970EA8CB06C4C8E8F9CF2D4290193887650@msc005.msc.local>
From: pfcdh1 at matsu.alaska.edu (Hamby, Charles D.)
Subject: US Bank scam

This is a slick phishing scam, I have to admit.  One thing I noticed
though; 
I printed the various pages of the website out with IE to use as an
example and I noticed that the real URL appeared at the bottom of each
page as opposed to the bogus one.  I thought that was interesting.  Has
anyone else 
noticed that this occurs with other phishing sites or is it just unique
to this case?

Charles Hamby

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Eric
LeBlanc
Sent: Tuesday, June 15, 2004 9:59 AM
To: full-disclosure@...ts.netsys.com
Subject: [SPAM] - Re: [Full-Disclosure] US Bank scam - Email found in
subject

On Tue, 15 Jun 2004, David Lederman wrote:

> This is the best phishing scam I've seen yet:
> http://www.bis1bp.com/a12/index.html
>
> I have Windows Server 2003 fully patched and this works. The program
fakes an address bar so this
> would pass through most people's safety check, after all the address
bar clearly has the correct
> address.
>
> There are bugs in the code, for example, all your Internet Explorer
windows will now have this
> address, but again for most people would only have one window open.
>

If you have google's toolbar or something similar, it will overwrite
this
toolbar and not the address bar.

But, I must admit that this thing is ingenious !

E.
--
Eric LeBlanc
inouk@....net
--------------------------------------------------
UNIX is user friendly.
It's just selective about who its friends are.
==================================================

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ