[ILUG] fascinating paypal spam
Justin Mason
jm at jmason.org
Thu Apr 21 17:27:51 IST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
kevin lyda writes:
> about the only spam i see is paypal phishing spam. it's not impossible
> to block, but i find it interesting to see the various types of phishing
> out there. this was in the latest one i got:
>
> <A href="http://searchfar.com/.bashrc/login.html"target=_self><FONT
> face=Verdana
> size=2>http://www.paypal.com/cgi-bin/webscr?cmd=_login-run</FONT></A>
>
> it seems that http://searchfar.com/ is a legitimate site (although it
> looks like some kind of advertising scam thing). and it looks like
> someone has cracked their site and installed some scripts in a .bashrc
> directory: http://searchfar.com/.bashrc/ .
>
> an amusing way to hide your evil files.
Yes -- cracked servers are the new new thing for phish gangs.
In case it isn't clear, these guys are quite into doing
whatever criminal things are necessary ;)
Using ".bashrc" as the filename is a smart trick though;
a lot less obvious than ".. " or similar.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFCZ9SHMJF5cimLx9ARAtGMAJ41xnpHifN3z+iRiAYuC+HDfcHEAQCcDGAL
354M7zDg8woekG318raoAJI=
=6Rtj
-----END PGP SIGNATURE-----
More information about the ILUG
mailing list