[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] HOTMAIL / PASSPORT: phishing expedition

To: <1@xxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] HOTMAIL / PASSPORT: phishing expedition
From: "morning_wood" <se_cur_ity@xxxxxxxxxxx>
Date: Thu, 18 Mar 2004 14:26:31 -0800

> buddy<iframe src="http://www.malware.com/pithy.html";>
so could this url be considered a "phishing scam" ?
 regardless of your implied intent? It does pretend
to be a genuine login, and i am sure you are collecting successfull
attempts to a log ( right? ). Has your "demo" oversteped the bounds
of  "security research" into the realm of "collecting confidental 
( login / password ) information for purposes of access circumvention" ?

currious,

Donnie Werner
http://exploitlabs.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] HOTMAIL / PASSPORT: phishing expedition
  - From: http-equiv@xxxxxxxxxx

Prev by Date: Administrivia (was: RE: [Full-Disclosure] Re: Microsoft Security, baby steps ? )
Next by Date: Re: [Full-Disclosure] Emailing SSN info
Previous by thread: [Full-Disclosure] HOTMAIL / PASSPORT: phishing expedition
Next by thread: [Full-Disclosure] Malware added to transmissions
Index(es):
- Date
- Thread