User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » phishers Page [1]  
psnarula
All American
1540 Posts
user info
edit post

got an email from "amazon.com" today with a hyperlink that looked like this:

<a href="http://secure.amazon.com.amazonsaccess.com/
signin.php?exec/obidos/flex-sign-in/ref=gw_hp_si/103-3177084-
7567864?opt=a&page=recs/sign-in-secure.html&response=tg/
recs/recs-post-login-dispatch/-/recs/pd_rw_gw_ur/ref=xxx_x/x-x&ref=xxx&emaddr=xxx@xxx.xxx.edu">https://www.amazon.
com/exec/obidos/flex-sign-in/ref=pd_irl_gw_r/
103-3177084-7567864?opt=oa&page=recs/sign-in-secure.html</a>


so just for kicks i fired up:

http://secure.amazon.com.amazonsaccess.com/signin.php

these guys are getting more and more sophisticated...

[Edited on September 10, 2005 at 2:52 PM. Reason : asdf]

9/10/2005 2:49:52 PM

dFshadow
All American
9507 Posts
user info
edit post

and then you scroll down to the bottom and you see that they....fucked up.

but i could see how an average schmoe would get sucked in to that trap.

[Edited on September 10, 2005 at 3:26 PM. Reason : better yet, you click on any other link and see that they....fucked up.]

9/10/2005 3:21:22 PM

Incognegro
Suspended
4172 Posts
user info
edit post

the best thing to do is set up a script to bomb the CGI with fake username/password combos to pollute their DB

9/10/2005 4:22:46 PM

Charybdisjim
All American
5486 Posts
user info
edit post

meh, I entered a real email adress (one of my spam accounts) and a fake password and it returned an error. it's possible it only accepts passwords for accounts with email adresses matching the list of spam recipients. either that or it just spits out an error as a default response.

9/10/2005 4:47:37 PM

jahosephat
All American
3130 Posts
user info
edit post

there are a lot of very subtle mistakes like 31 not 32 and the beginning (c) date is off by a year and the fonts are slightly smaller etc...

9/12/2005 5:01:13 PM

 Message Boards » Tech Talk » phishers Page [1]  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.