l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 Sep 25 07:30

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] one of the most pernicious spams i've ever seen.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] one of the most pernicious spams i've ever seen.

On Thu, Sep 25, 2003 at 09:49:45AM -0400, Rob Rogers wrote:
> On Thu, Sep 25, 2003 at 06:30:32AM -0700, p@dirac.org wrote:
> > when you feed a browser the given url, the citibank page comes up.  but
> > you also get a small page with a form that asks for your bank account
> > number and PIN.
> [snip]
> > my question is -- how is this done?  how does this URL:
> > 
> > http://www.citibank.com:ac=VybznNffNxknAUxPrfE2jYaQUptJ@a3ksd.PiSeM.NeT/3/?IYTEw
> > 4eVTtbH1w6CpDrT
> > 
> > bring up citibank.com's webpage and then another page with the
> > account/PIN grabber?  i've never seen anything like this before.

Hit send too soon... the other thing I wanted to bring up is it's not
uncommon to see this sort of URL encoded in hex after the part they want
you to see. This one was confusing enough, but you'll often also see
something like:


which unencoded becomes http://www.citibank.com.a3ksd.PiSeM.NeT

Just as in the url in your email, most people will see everything up to
the first "unusual" character, and won't bother to look any further.

By the way, this method of trying to steal personal info by trying to
appear as coming from a legitimate company is called phishing.
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.