Security Incidents mailing list archives
Re: Discovering and Stopping Phishing/Scam Attacks
From: Lode Vermeiren <lode () linu cx>
Date: Tue, 26 Apr 2005 22:51:21 +0200
On Tue, 26 Apr 2005 steven () lovebug org wrote:
As we have all noticed, there has increase in the number of phishing/scam attempts via e-mail that appear to be legitimate. Most of
and e-mails do not host their own images. From what I have seen, more often than not, these e-mails and websites link directly to images hosted by the legitimate website.
Since they are linking to the images hosted on the site they are cloning -- the banking/e-commerce website could just rename their images on their own webpage every so often (and update their webpages accordingly).
Op di, 26-04-2005 te 13:13 -0700, schreef Randy:
Seems like a maintenance nightmare waiting to happen. ~randy
Renaming the files would indeed be a maintenance nightmare, but I don't see a reason why the webserver hosting the image can't do a referrer check, and only serve the real images if they are being loaded from the real domain. In all other cases they could return a "THIS IS A FAKE PAGE" image, or perhaps even some shock site[1] Lode [1] please don't follow any of the links on http://en.wikipedia.org/wiki/Shock_site You have been warned. -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Discovering and Stopping Phishing/Scam Attacks steven (Apr 26)
- Re: Discovering and Stopping Phishing/Scam Attacks Randy (Apr 26)
- Re: Discovering and Stopping Phishing/Scam Attacks Lode Vermeiren (Apr 26)
- RE: Discovering and Stopping Phishing/Scam Attacks matt.neeley (Apr 26)
- Re: Discovering and Stopping Phishing/Scam Attacks Lode Vermeiren (Apr 26)
- Re: Discovering and Stopping Phishing/Scam Attacks byte_jump (Apr 26)
- Re: Discovering and Stopping Phishing/Scam Attacks Michael J. Pomraning (Apr 26)
- Re: Discovering and Stopping Phishing/Scam Attacks byte_jump (Apr 27)
- Re: Discovering and Stopping Phishing/Scam Attacks Crispin Cowan (Apr 27)
- <Possible follow-ups>
- Re: Discovering and Stopping Phishing/Scam Attacks thomas adams (Apr 26)
- Re: Discovering and Stopping Phishing/Scam Attacks Alex (Apr 27)
- Re: Discovering and Stopping Phishing/Scam Attacks byte_jump (Apr 27)
- RE: Discovering and Stopping Phishing/Scam Attacks Thomas Adams (Apr 27)
- Re: Discovering and Stopping Phishing/Scam Attacks byte_jump (Apr 27)
- Re: Discovering and Stopping Phishing/Scam Attacks Randy (Apr 26)