lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon Dec 12 11:38:31 2005
From: unknown.pentester at gmail.com (pagvac)
Subject: Phishers now abusing dynamic DNS services

I don't know how new this is to be honest.

I just made a comment to the list because it was the first phishing
email I received that uses dynamic DNS and thought it was interesting.

On 12/12/05, Barrie Dempster <barrie@...oot-robot.net> wrote:
> On Mon, 2005-12-12 at 10:22 +0000, pagvac wrote:
> > I got another Paypal phishing attempt today (I get about one every week :-) ).
> >
> > The interesting thing about this attempt is that the phisher seems to
> > be using a dynamic DNS service to gain the trust from the victim.
> >
> > In this case the html link was pointing to http://www.paypal.25u.com
> > which doesn't seem to resolve at this moment.
> >
> > www.paypal.25u.com does of course look more legitimate than some
> > random IP address in which the word "paypal" is not included.
>
> They are new to phishing and didn't have the carding facilities to get
> themselves a registered domain that looks similar enough to Paypal. ;-)
>
> When this phishing attempt reaps them some required information they
> will graduate to investing a few pennies in a domain.
>
> This isn't terribly interesting or innovative, malware have been using
> this sort of technique for quite some time.
>
> --
> With Regards..
> Barrie Dempster (zeedo) - Fortiter et Strenue
>
> "He who hingeth aboot, geteth hee-haw" Victor - Still Game
>
> blog:  http://reboot-robot.net
> sites: http://www.bsrf.org.uk - http://www.security-forums.com
> ca:    https://www.cacert.org/index.php?id=3
>
>
>


--
pagvac (Adrian Pastor)
www.ikwt.com - In Knowledge We Trust

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ