[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] US Bank scam

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] US Bank scam
From: David Lederman <delphi4pro@xxxxxxxxx>
Date: Tue, 15 Jun 2004 09:29:50 -0700 (PDT)

This is the best phishing scam I've seen yet:
http://www.bis1bp.com/a12/index.html

I have Windows Server 2003 fully patched and this works. The program fakes an 
address bar so this
would pass through most people's safety check, after all the address bar 
clearly has the correct
address. 

There are bugs in the code, for example, all your Internet Explorer windows 
will now have this
address, but again for most people would only have one window open.




                
__________________________________
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] US Bank scam
  - From: Eric LeBlanc
- RE: [Full-Disclosure] US Bank scam
  - From: Scott Dodson

Prev by Date: Re: [Full-Disclosure] Yahoo upgraded all accounts to 100MB
Next by Date: [Full-Disclosure] Re: Full-Disclosure digest, Vol 1 #1707 - 14 msgs (This message is automatically generated by Groupwise. Apologies for not being able to attend to your)
Previous by thread: [Full-Disclosure] MAGIC XSS INTO THE DNS: coelacanth
Next by thread: Re: [Full-Disclosure] US Bank scam
Index(es):
- Date
- Thread