l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 Sep 25 11:46

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] one of the most pernicious spams i've ever seen.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] one of the most pernicious spams i've ever seen.

On Thu, Sep 25, 2003 at 07:36:13AM -0700, Mitch Patenaude wrote:
> I've seen a lot of these (my email address is 7 years old.. and has 
> been published a lot.  I get a lot of spam).
> Bruce Schneier called these "URL semantic attacks", but now that I've 
> heard it, I like phishing better.  I've seen a couple of really devious 
> variations.  Both of these require HTML email. (I know.. it's evil, but 
> common)  both had an apparently perfectly valid looking ebay or paypal 
> URL, but when clicked on went to www.eboy.net and www.paypa1.com 
> (that's a 1 in the second URL, not an "L").
> The ways they achieved the perfectly looking URL were:
> 1) The entire message (supposedly) from ebay was actually an 
> image/link, not just the blue underlined text. (but I didn't know this 
> until I followed it.. I knew it was a scam, but I wanted to see how it 
> worked.)
> 2) The "URL" was actually inside another <a href=...> </a> tag.  They 
> scammers had just escaped the brackets.
> I'm thoroughly convinced that most people don't have the technical 
> savvy to try to detect URL fraud, and so must be trained to do so 
> contextually rather than technically (Why would my bank send me an 
> email asking for my PIN, especially since I didn't give them this email 
> address.)  I figure that most geeks aren't going to fall for this, but 
> I imagine that a lot of identity theft occurs this way.

I think people need to learn to be wary of giving out ANY personal info
online no matter what the circumstances. The most common cases of
phishing do seem to go after ebay/papal, and the larger ISPs (mainly AOL
and MSN). One recent one posing as an MSN page came as an email saying
your credit card charge didn't go through, and your MSN account would be
canceled if you didn't update your info. On the page it asked for:

CCV (that 3 digit number at the end of the signature panel)
Pin #
Mother's maiden name.
MSN Acct name
MSN password
Social security #

I don't see how you could not be suspicious at giving away that much
info, but there were a couple dozen people taken in by it.

vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.