nanog mailing list archives
Re: Phishing (Was Re: WashingtonPost computer security stories)
From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Tue, 17 Aug 2004 15:36:58 +0000 (GMT)
On Tue, 17 Aug 2004, Eric Kuhnke wrote:
The mail originated from 68.77.56.130 (an ameritech.net DSL connection, right now not pingable) and loads some images from www.citibank.com. It links to http://61.128.198.51/Confirm/ - an IP address hosted by Chinanet (transit to there supplied by Savvis from my point of view).It's a 1 line rule with mod_rewrite and apache to block nonexistant or off-site http referers attempting to display GIF/JPG/PNG images... Sometimes I wonder why Citibank, Paypal and others don't do this. It would cut down on the displayed authenticity level of many basic phishes.
<cookie-foo>: 31-Dec-2014 00:00:00 GMT; path=/; domain=.usbank.com Server: Microsoft-IIS/5.0 Date: Tue, 17 Aug 2004 15:34:02 GMT Citibank.com returns: Server: "" Perhaps the 1-line mod_rewrite isn't available to them because they don't have mod_rewrite?
Current thread:
- Re: Phishing (Was Re: WashingtonPost computer security stories), (continued)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Michael . Dillon (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Joel Jaeggli (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Richard Cox (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Petri Helenius (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Alexei Roudnev (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Eric Kuhnke (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Tim Wilde (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Edward B. Dreger (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Petri Helenius (Aug 17)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Brett (Aug 18)
- Re: Phishing (Was Re: WashingtonPost computer security stories) Christopher L. Morrow (Aug 17)
- Re: WashingtonPost computer security stories Alexei Roudnev (Aug 15)
- Re: WashingtonPost computer security stories Fred Baker (Aug 15)
- RE: WashingtonPost computer security stories Michael . Dillon (Aug 16)
- Re: WashingtonPost computer security stories Jeff Shultz (Aug 16)