[ILUG] fascinating paypal spam
kevin lyda
kevin+dated+1114527212.2ac26e at ie.suberic.net
Thu Apr 21 15:53:15 IST 2005
about the only spam i see is paypal phishing spam. it's not impossible
to block, but i find it interesting to see the various types of phishing
out there. this was in the latest one i got:
<A href="http://searchfar.com/.bashrc/login.html"target=_self><FONT
face=Verdana
size=2>http://www.paypal.com/cgi-bin/webscr?cmd=_login-run</FONT></A>
it seems that http://searchfar.com/ is a legitimate site (although it
looks like some kind of advertising scam thing). and it looks like
someone has cracked their site and installed some scripts in a .bashrc
directory: http://searchfar.com/.bashrc/ .
an amusing way to hide your evil files.
anyway, something else to search for in security scripts: normal rc
files existing as directories.
kevin
More information about the ILUG
mailing list