Bugtraq mailing list archives
RE: Amazon phishing scam on Yahoo servers
From: Alex Eckelberry <AlexE () sunbelt-software com>
Date: Thu, 23 Feb 2006 16:39:34 -0500
There's a LOT of phishing domains on Yahoo. Apparently all you need to do setup an account is a fake address and phone number. I routinely report it to them. You can always send an email to phishing-abuse () cc yahoo-inc com as well as anyone else you can find. Alex -----Original Message----- From: Paul Laudanski [mailto:zx () castlecops com] Sent: Wednesday, February 22, 2006 11:41 PM To: Geoff Vass Cc: bugtraq () securityfocus com Subject: RE: Amazon phishing scam on Yahoo servers Thanks for the reply, I'm seeing all sorts of strange URLs being used for the popular sites such as banks and ebay, amazon, paypal. Amazing isn't it? On Wed, 22 Feb 2006, Geoff Vass wrote:
Other domains used for phishing I have seen are paypal-unlocking.net, secure.commonwealth-banking.com and citibusinessonline.da-us.citybizcorp.com. Surely someone, somewhere, has to take some responsibility for allowing domains to be created which are clearly and obviously bogus. Who could possibly have a reason to register paypal-unlocking.net? It's also interesting to "Google" the names of the people registering some of these domains, I have seen a few who were famous for one reason or another. I wonder if it's possible to register a domain with
the name George W Bush or F. Castro.. Cheers Geoff Vass -----Original Message----- From: Paul Laudanski [mailto:zx () castlecops com] Sent: Tuesday, 21 February 2006 18:11 To: bugtraq () securityfocus com Subject: Amazon phishing scam on Yahoo servers We just got some emails for amazon phishing scams. Turns out the scam
domain was registered just today (same day). Internic and others aren't reporting it, but Melbourne IT does. Phishing site resides on Yahoo's
servers, but their Abuse department closed at 5pm. A full 6 or so hours to run before they open back up. Assessment: http://castlecops.com/a6531-Amazon_phishing_scam_on_Yahoo_servers.html
-- Paul Laudanski, Microsoft MVP Windows-Security [de] http://de.castlecops.com [en] http://castlecops.com [wiki] http://wiki.castlecops.com [family] http://cuddlesnkisses.com [This message is for the designated recipient(s) only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.]
Current thread:
- Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 21)
- Re: Amazon phishing scam on Yahoo servers Steve Friedl (Feb 23)
- Re: Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 23)
- <Possible follow-ups>
- RE: Amazon phishing scam on Yahoo servers Geoff Vass (Feb 23)
- RE: Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 23)
- Re: Amazon phishing scam on Yahoo servers Vincent Archer (Feb 26)
- Re: Amazon phishing scam on Yahoo servers Stefan Kelm (Feb 26)
- Re: Amazon phishing scam on Yahoo servers Elizabeth Zwicky (Feb 26)
- RE: Amazon phishing scam on Yahoo servers Alex Eckelberry (Feb 23)
- Re: Amazon phishing scam on Yahoo servers Steve Friedl (Feb 23)