| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon Dec 12 11:03:09 2005 From: barrie at reboot-robot.net (Barrie Dempster) Subject: Phishers now abusing dynamic DNS services On Mon, 2005-12-12 at 10:22 +0000, pagvac wrote: > I got another Paypal phishing attempt today (I get about one every week :-) ). > > The interesting thing about this attempt is that the phisher seems to > be using a dynamic DNS service to gain the trust from the victim. > > In this case the html link was pointing to http://www.paypal.25u.com > which doesn't seem to resolve at this moment. > > www.paypal.25u.com does of course look more legitimate than some > random IP address in which the word "paypal" is not included. They are new to phishing and didn't have the carding facilities to get themselves a registered domain that looks similar enough to Paypal. ;-) When this phishing attempt reaps them some required information they will graduate to investing a few pennies in a domain. This isn't terribly interesting or innovative, malware have been using this sort of technique for quite some time. -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue "He who hingeth aboot, geteth hee-haw" Victor - Still Game blog: http://reboot-robot.net sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 1859 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051212/260ec244/smime.bin
Powered by blists - more mailing lists