[34243] in bugtraq


New Adventures In Phishing

daemon@ATHENA.MIT.EDU (Jim Halfpenny)
Thu Mar 25 14:09:47 2004

Date: Thu, 25 Mar 2004 10:44:02 +0000 (GMT)
From: Jim Halfpenny <jim@openanswers.co.uk>
To: bugtraq@securityfocus.com
Message-ID: <Pine.GSO.4.05.10403251036040.20847-100000@openanswers.co.uk>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

Hi,
I received a typical phishing email yesterday, and took the usual steps to
inform the owner of the 0wned server hosting the scam as well as the
financial institution concerned. The email I forwarded to said institution
bounced because it "Could not be checked for viruses."

I suspect the reason was that the attached image was corrupted to evade
virus scanners. My UNIX mail client failed to export the image to disk
because there was an illegal character in the Base64 encoded attachment.
The question is: was this a deliberate attempt to delay a response
by preventing a copy being sent to the target organisation? Is this a tool
in the arsenal of phishers to keep their rogue sites up longer?

Regards,
Jim Halfpenny
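
Added example, not part of the original post: a check a mail gateway or abuse desk could run to see whether a Base64 attachment contains characters outside the Base64 alphabet, and whether a strict decoder rejects a part that a lenient decoder still recovers. The sample message, the filename and the function name audit_base64_parts are constructed for illustration.

```python
import base64
import binascii
import re
from email import message_from_string

# Constructed sample (not the mail from the post): the image part carries one
# character, '!', that is outside the Base64 alphabet.
SAMPLE = """\
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

constructed body
--BOUND
Content-Type: image/gif; name="logo.gif"
Content-Transfer-Encoding: base64

R0lGODlhAQAB!AIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
--BOUND--
"""

NON_ALPHABET = re.compile(r"[^A-Za-z0-9+/=\s]")

def audit_base64_parts(raw_message):
    """Report, for each base64 part, how strict and lenient decoders treat it."""
    findings = []
    for part in message_from_string(raw_message).walk():
        if part.get("Content-Transfer-Encoding", "").strip().lower() != "base64":
            continue
        encoded = "".join(part.get_payload().split())  # raw text, whitespace removed
        try:
            base64.b64decode(encoded, validate=True)   # strict: reject any stray byte
            strict_ok = True
        except binascii.Error:
            strict_ok = False
        try:
            lenient = base64.b64decode(encoded)        # lenient: stray bytes are skipped
        except binascii.Error:
            lenient = None                             # e.g. padding broken as well
        findings.append({
            "filename": part.get_filename(),
            "illegal_chars": sorted(set(NON_ALPHABET.findall(encoded))),
            "strict_ok": strict_ok,
            "lenient_bytes": lenient,
        })
    return findings

if __name__ == "__main__":
    for finding in audit_base64_parts(SAMPLE):
        print(finding)
```

A part that fails the strict decode but still yields a usable file under the lenient one can be logged and quarantined for an analyst rather than bounced, so the report still reaches the organisation being impersonated.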

