Re: [Full-Disclosure] HOTMAIL / PASSPORT: phishing expedition
From: morning_wood (se_cur_ity_at_hotmail.com)
Date: 03/18/04
- Previous message: Curt Purdy : "Re: [Full-Disclosure] Emailing SSN info"
- In reply to: http-equiv_at_excite.com: "[Full-Disclosure] HOTMAIL / PASSPORT: phishing expedition"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <1@malware.com>, <full-disclosure@lists.netsys.com> Date: Thu, 18 Mar 2004 14:26:31 -0800
> buddy<iframe src="http://www.malware.com/pithy.html">
so could this url be considered a "phishing scam" ?
regardless of your implied intent? It does pretend
to be a genuine login, and i am sure you are collecting successfull
attempts to a log ( right? ). Has your "demo" oversteped the bounds
of "security research" into the realm of "collecting confidental
( login / password ) information for purposes of access circumvention" ?
currious,
Donnie Werner
http://exploitlabs.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Curt Purdy : "Re: [Full-Disclosure] Emailing SSN info"
- In reply to: http-equiv_at_excite.com: "[Full-Disclosure] HOTMAIL / PASSPORT: phishing expedition"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
