Bruce Schneier called these "URL semantic attacks", but now that I've heard it, I like phishing better. I've seen a couple of really devious variations. Both of these require HTML email. (I know.. it's evil, but common) both had an apparently perfectly valid looking ebay or paypal URL, but when clicked on went to www.eboy.net and www.paypa1.com (that's a 1 in the second URL, not an "L").
The ways they achieved the perfectly looking URL were:
1) The entire message (supposedly) from ebay was actually an image/link, not just the blue underlined text. (but I didn't know this until I followed it.. I knew it was a scam, but I wanted to see how it worked.)
2) The "URL" was actually inside another <a href=...> </a> tag. They scammers had just escaped the brackets.
I'm thoroughly convinced that most people don't have the technical savvy to try to detect URL fraud, and so must be trained to do so contextually rather than technically (Why would my bank send me an email asking for my PIN, especially since I didn't give them this email address.) I figure that most geeks aren't going to fall for this, but I imagine that a lot of identity theft occurs this way.
-- Mitch
_______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
