yeah this is definitly nothing new -----Original Message----- From: pagvac <[EMAIL PROTECTED]> To: [email protected] Date: Mon, 12 Dec 2005 15:43:36 +0000 Subject: Re: [Full-disclosure] Phishers now abusing dynamic DNS services
> On 12/12/05, Florian Weimer <[EMAIL PROTECTED]> wrote: > > * pagvac: > > > > > The interesting thing about this attempt is that the phisher seems to > > > be using a dynamic DNS service to gain the trust from the victim. > > > > "to gain trust"? Hm? > > Yes. > > What I mean is that the average user will trust more an URL when > seeing the word "paypal" in it as a domain name, rather than some > dodgy-looking numerical IP address, with a sub-directory called > "paypal". > > e.g.: > > http://1.2.3.4/vulnerable_app/paypal > > versus > > http://www.paypal.25u.com > > > Personall I would think that more users would trust the second link. > > > > > This is not really a new thing: > > > > 2005-04-19 08:24:49 ebayfraud.dyndns.org A 220.110.65.252 > > > > > -- > pagvac (Adrian Pastor) > www.ikwt.com - In Knowledge We Trust > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
