Re: [Full-Disclosure] HOTMAIL / PASSPORT: phishing expedition

From: morning_wood (se_cur_ity_at_hotmail.com)
Date: 03/18/04

  • Next message: Nick FitzGerald: "Administrivia (was: RE: [Full-Disclosure] Re: Microsoft Security, baby steps ? )"
    To: <1@malware.com>, <full-disclosure@lists.netsys.com>
    Date: Thu, 18 Mar 2004 14:26:31 -0800
    
    

    > buddy<iframe src="http://www.malware.com/pithy.html">
    so could this url be considered a "phishing scam" ?
     regardless of your implied intent? It does pretend
    to be a genuine login, and i am sure you are collecting successfull
    attempts to a log ( right? ). Has your "demo" oversteped the bounds
    of "security research" into the realm of "collecting confidental
    ( login / password ) information for purposes of access circumvention" ?

    currious,

    Donnie Werner
    http://exploitlabs.com

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Nick FitzGerald: "Administrivia (was: RE: [Full-Disclosure] Re: Microsoft Security, baby steps ? )"