[ILUG] fascinating paypal spam
Nils Olofsson
lists at olofsson.tv
Thu Apr 21 18:56:42 IST 2005
On Thu, 2005-04-21 at 09:27 -0700, Justin Mason wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> kevin lyda writes:
> > about the only spam i see is paypal phishing spam. it's not impossible
> > to block, but i find it interesting to see the various types of phishing
> > out there. this was in the latest one i got:
> >
> > <A href="http://searchfar.com/.bashrc/login.html"target=_self><FONT
> > face=Verdana
> > size=2>http://www.paypal.com/cgi-bin/webscr?cmd=_login-run</FONT></A>
> >
> > it seems that http://searchfar.com/ is a legitimate site (although it
> > looks like some kind of advertising scam thing). and it looks like
> > someone has cracked their site and installed some scripts in a .bashrc
> > directory: http://searchfar.com/.bashrc/ .
> >
> > an amusing way to hide your evil files.
>
> Yes -- cracked servers are the new new thing for phish gangs.
> In case it isn't clear, these guys are quite into doing
> whatever criminal things are necessary ;)
>
> Using ".bashrc" as the filename is a smart trick though;
> a lot less obvious than ".. " or similar.
>
I have emailed Paypal a number of times with details of emails that i
receive, I have yet to receive an acknowledgement from them.
nils
More information about the ILUG
mailing list