Re: House o' Shame: Amtrak

2008-02-21 Thread John Levine
> http://amtrak.bfi0.com/.
>
> Lesson for phishers: If you want your phish to seem more legit, outsource it
> to Bigfoot Interactive, which seems to lead back to Epsilon Agency Services,
> who specialise in... well, phishing, but for the good guys.  I bet the Russian
> Business Network could do it for less though :-).

Having dealt at length with people from BFI/Epsilon, I can confirm that
many of them are not the sharpest needles in the etui.

This problem is well known in the ESP (bulk mail for hire) industry,
and the better ones know how to deal with it.  If you are on Orbitz'
mailing list, for example, the mail comes from [EMAIL PROTECTED],
and the links in the mail all go to http://my.orbitz.com/whatever.  Do
a few DNS lookups and you'll find NS records from Orbitz that delegate
my.orbitz.com to Responsys, their ESP.  This is a straightforward and
effective way to manage the namespace for outsourced mail, and my
biggest question is why so many ESPs don't do it yet.

R's,
John

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
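The check John describes, written out as an added example that is not part of the original thread or of any of the companies' own code: extract the links from an outsourced mailing, decide whether each host sits inside the brand's own DNS namespace (my.orbitz.com under orbitz.com passes; amtrak.bfi0.com under amtrak.com does not), and walk up the name to find which zone delegates it, so a delegated subdomain handed to an ESP is still visibly the brand's. The sample mail body, the NS table and the nameserver names in it are constructed for the example, not real DNS data.

```python
"""Classify the links in an outsourced marketing mail by DNS namespace.

Added example for the thread above: a brand that delegates my.brand.com to
its ESP via NS records keeps every link under brand.com; a brand that lets
the ESP use its own domain (amtrak.bfi0.com) trains customers to click on
foreign hosts, which is exactly what phishers need.
"""
import re
from urllib.parse import urlsplit

# Matches absolute http(s) URLs in a plain-text body; stops at whitespace
# and the usual delimiters. Anything without a scheme is not a link here.
URL_RE = re.compile(r"""https?://[^\s<>"')\]]+""", re.IGNORECASE)

# Constructed (hypothetical) delegation table standing in for NS lookups:
# orbitz.com is served by the brand's own nameservers, my.orbitz.com is
# delegated to the ESP's. Real nameserver names are not on the page.
NS_TABLE = {
    "orbitz.com": ["ns1.brand.example", "ns2.brand.example"],
    "my.orbitz.com": ["ns1.esp.example"],
}

# Constructed sample body: the first two lines mirror the Amtrak mail quoted
# in the thread, the rest are made-up links to exercise the edge cases.
SAMPLE_BODY = """Go to Amtrak.com now and update your profile
http://amtrak.bfi0.com/
Also see http://www.amtrak.com/ and http://amtrak.com@evil.example/login
"""


def host_in_namespace(host: str, brand_domain: str) -> bool:
    """True if host equals brand_domain or is a label-aligned subdomain of it.

    Label alignment matters: notorbitz.com and orbitz.com.evil.example must
    both fail, so a plain substring test is not good enough.
    """
    host = host.lower().rstrip(".")
    brand = brand_domain.lower().rstrip(".")
    return host == brand or host.endswith("." + brand)


def classify_links(body: str, brand_domain: str) -> dict:
    """Split every URL in body into in_namespace vs off_brand lists.

    urlsplit().hostname is used rather than a regex on the URL text so that
    userinfo tricks like http://amtrak.com@evil.example/ resolve to the real
    host (evil.example), not the decoy before the '@'.
    """
    result = {"in_namespace": [], "off_brand": []}
    for url in URL_RE.findall(body):
        host = urlsplit(url).hostname or ""
        key = "in_namespace" if host_in_namespace(host, brand_domain) else "off_brand"
        result[key].append(url)
    return result


def delegated_zone(host: str, ns_table: dict):
    """Return (zone, nameservers) for the closest enclosing zone in ns_table.

    Walks from the full name up to the TLD, the way a resolver follows NS
    delegations. Returns None when no zone in the table contains the host,
    i.e. the name is entirely outside the brand's DNS control.
    """
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in ns_table:
            return zone, ns_table[zone]
    return None


if __name__ == "__main__":
    for key, urls in classify_links(SAMPLE_BODY, "amtrak.com").items():
        print(key, urls)
    print(delegated_zone("my.orbitz.com", NS_TABLE))
    print(delegated_zone("www.orbitz.com", NS_TABLE))
    print(delegated_zone("amtrak.bfi0.com", NS_TABLE))
```

Against a real mailing the NS_TABLE would be replaced by actual NS lookups (dig NS my.orbitz.com), but the decision logic is the same: a link host that resolves inside the brand's zone, even one delegated to a third party, is one the brand can revoke by deleting an NS record; a link host under the ESP's own domain is one the brand does not control at all.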


Re: House o' Shame: Amtrak

2008-02-15 Thread John Ioannidis
Not just Amtrak.  The Economist and The New Yorker both do the same 
thing.  I tried engaging them in a discussion on the subject.  The 
Economist never replied, whereas the New Yorker assured me that those 
addresses were indeed theirs.  I haven't figured out how to get past the 
clueless people whose job is not to be clueful and engage the clueless 
people whose job should be to be clueful.


/ji



Re: House o' Shame: Amtrak

2008-02-15 Thread Peter Gutmann
Perry E. Metzger [EMAIL PROTECTED] writes:

> Steve Bellovin documents on his blog a recent attempt by Amtrak to teach its
> customers to be phishing victims:
>
> http://www.cs.columbia.edu/~smb/blog/2008-02/2008-02-13.html
>
> From the blog:
>
>   The next problem, though, is that the message asks people to log in by
>   clicking a link in the message:
>
>   Go to Amtrak.com now and update your profile
>   http://amtrak.bfi0.com/.

It's not just Amtrak that do that, CapitalOne also send out phishing email
directing users to bfi0.com.

Lesson for phishers: If you want your phish to seem more legit, outsource it
to Bigfoot Interactive, which seems to lead back to Epsilon Agency Services,
who specialise in... well, phishing, but for the good guys.  I bet the Russian
Business Network could do it for less though :-).

Peter.
