Steve Pirk wrote: > Another site that puts up a warning instead of just taking > down a phishing site: > > http://www.bh2day.net/medialoader/midi2/Flagstar.html.3gp
By the time you posted, the target site had been "defaced". I was looking at it about an hour earlier and it had already been defaced then. I'm guessing that either the phisher installed and left an open "PHP shell" (or similar) as part of his compromise/hack/phish kit or the site had some other obvious access method which someone p*ssed at the phish attempt took upon themselves to use to "fix" the phishing site. Not common, but not entirely uncommon either... Regards, Nick FitzGerald _______________________________________________ phishing mailing list [email protected] http://www.whitestar.linuxbox.org/mailman/listinfo/phishing
