On Mon, 2005-12-12 at 10:22 +0000, pagvac wrote: > I got another Paypal phishing attempt today (I get about one every week :-) ). > > The interesting thing about this attempt is that the phisher seems to > be using a dynamic DNS service to gain the trust from the victim. > > In this case the html link was pointing to http://www.paypal.25u.com > which doesn't seem to resolve at this moment. > > www.paypal.25u.com does of course look more legitimate than some > random IP address in which the word "paypal" is not included. They are new to phishing and didn't have the carding facilities to get themselves a registered domain that looks similar enough to Paypal. ;-) When this phishing attempt reaps them some required information they will graduate to investing a few pennies in a domain. This isn't terribly interesting or innovative, malware have been using this sort of technique for quite some time. -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue "He who hingeth aboot, geteth hee-haw" Victor - Still Game blog: http://reboot-robot.net sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/