A few weeks back Rob Slade wrote: > As I was sending along my daily allotment of phishing spam to the research > sites, I > noticed, in the message: > > Message-ID: <[email protected]> > From: Halifax Security Department > > <html> > <head> > <title>Crooks In Action - Jenson Farrago Phishing - Halifax</title> > <meta content=true name=MSSmartTagsPreventParsing> > <meta name="description" content ="Jenson Farrago's collection of > > emails from Crooks In Action"> > <meta name="keywords" content="Jenson Farrago, life.etl, Henry T. > Smith, Crooks In Action, 419 scams, advance fee, time wasters, > Nigerian email fraud, bogus lottery, bogus jobs & business > opportunities, identity theft, phishing, pills, internet medication, > penny stocks"> > <meta name="generator" content="Microsoft FrontPage 5.0">
FWIW, this means that these phishers are lazy/cheap and have lifted their phishing scam message source directly from: http://www.htspweb.co.uk/cia/crooks.htm rather than doing a few hours works of their own, getting one of the free phishing template kits (which are widely known to be backdoored and the tide is swinging away from web-hosted pages to "attached HTML forms" anyway), or shelling out a few bucks for a commercial template collection (which may also be backdoored -- theivees these days...). Regardless of their laziness/cheapness these guys are clearly quite stupid to not even edit the HTML... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
