[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Phishers now abusing dynamic DNS services

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Phishers now abusing dynamic DNS services
From: pagvac <unknown.pentester@xxxxxxxxx>
Date: Mon, 12 Dec 2005 10:22:56 +0000

I got another Paypal phishing attempt today (I get about one every week :-) ).

The interesting thing about this attempt is that the phisher seems to
be using a dynamic DNS service to gain the trust from the victim.

In this case the html link was pointing to http://www.paypal.25u.com
which doesn't seem to resolve at this moment.

www.paypal.25u.com does of course look more legitimate than some
random IP address in which the word "paypal" is not included.


--
pagvac (Adrian Pastor)
www.ikwt.com - In Knowledge We Trust
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Phishers now abusing dynamic DNS services
  - From: Nick FitzGerald
- Re: [Full-disclosure] Phishers now abusing dynamic DNS services
  - From: Barrie Dempster
- Re: [Full-disclosure] Phishers now abusing dynamic DNS services
  - From: Florian Weimer

Prev by Date: Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService
Next by Date: Re: [Full-disclosure] Phishers now abusing dynamic DNS services
Previous by thread: Re: [Full-disclosure] Re: [scip_Advisory] NetGear RP114 Flooding Denialof Service
Next by thread: Re: [Full-disclosure] Phishers now abusing dynamic DNS services
Index(es):
- Date
- Thread