I don't know how new this is to be honest. I just made a comment to the list because it was the first phishing email I received that uses dynamic DNS and thought it was interesting.
On 12/12/05, Barrie Dempster <[EMAIL PROTECTED]> wrote: > On Mon, 2005-12-12 at 10:22 +0000, pagvac wrote: > > I got another Paypal phishing attempt today (I get about one every week :-) > > ). > > > > The interesting thing about this attempt is that the phisher seems to > > be using a dynamic DNS service to gain the trust from the victim. > > > > In this case the html link was pointing to http://www.paypal.25u.com > > which doesn't seem to resolve at this moment. > > > > www.paypal.25u.com does of course look more legitimate than some > > random IP address in which the word "paypal" is not included. > > They are new to phishing and didn't have the carding facilities to get > themselves a registered domain that looks similar enough to Paypal. ;-) > > When this phishing attempt reaps them some required information they > will graduate to investing a few pennies in a domain. > > This isn't terribly interesting or innovative, malware have been using > this sort of technique for quite some time. > > -- > With Regards.. > Barrie Dempster (zeedo) - Fortiter et Strenue > > "He who hingeth aboot, geteth hee-haw" Victor - Still Game > > blog: http://reboot-robot.net > sites: http://www.bsrf.org.uk - http://www.security-forums.com > ca: https://www.cacert.org/index.php?id=3 > > > -- pagvac (Adrian Pastor) www.ikwt.com - In Knowledge We Trust _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
