[12750] in cryptography@c2.net mail archive
Re: Tools for anonymous blogging
daemon@ATHENA.MIT.EDU (R. Hirschfeld)
Wed Mar 12 19:57:20 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
Date: Thu, 13 Mar 2003 01:55:25 +0100
From: "R. Hirschfeld" <ray@unipay.nl>
To: schear@attbi.com
Cc: cox-work@djehuti.com, cryptography@wasabisystems.com
In-reply-to: <5.1.0.14.2.20030312113931.048946b8@mail.attbi.com> (message from
Steve Schear on Wed, 12 Mar 2003 11:49:56 -0800)
Reply-To: ray@unipay.nl
> Date: Wed, 12 Mar 2003 11:49:56 -0800
> From: Steve Schear <schear@attbi.com>
>
> Are you certain that the email originated with E-gold? Their policy is not
> to email ads nor contact their clients via email. Check the links and headers.
And check the form tag's action attribute. These fraud attempts are
getting sneaky--the last one I received used genuine www.e-gold.com
links throughout but had:
<form method="post" name="f" action="http://www.e-gold.com@%72%6f%6e%61%6c%64%31%31%32%2e%68%79%70%65%72%6d%61%72%74%2e%6e%65%74/%69%6e%64%65%78%2e%70%68%70">
If you decode the URL-encoded gubbish you see that it doesn't really
go to e-gold at all (but rather ronald112.hypermart.net in this case).
Ray
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
