WebApp Sec mailing list archives
Smells like a phish, is a fish?
From: Andrew van der Stock <vanderaj () greebo net>
Date: Thu, 27 Oct 2005 17:49:37 +1000
I have my domains registered with a popular registrar, and they've sent the most phishy e-mail I've ever seen from a major provider:
--- Dear Andrew van der Stock,It's that time of year again. ICANN (the Internet Corporation for Assigned Names and Numbers) annually requires that all accredited registrars (like Go Daddy(R)) ask their domain administrators/ registrants to review domain name contact data, and make any changes necessary to ensure accuracy.
To review/update your contact data, simply:
+ Go to www.godaddy.com/?isc=ICANNKEY
+ Click on the "ICANN Domain Confirmation" icon at the top of
the page
+ You will be taken to a landing page and asked to enter your
Domain Information Key: <removed>
+ Enter your key and click "Go."
(more phish deleted)
---
I confirmed with the registrar that indeed they did send this phishy
e-mail. How do we get through to large organizations - who really
should know better - that they most of all shouldn't smell like a
phish market?
thanks, Andrew
Current thread:
- Smells like a phish, is a fish? Andrew van der Stock (Oct 27)
- Re: Smells like a phish, is a fish? Mat Farrington (Oct 27)
- Re: Smells like a phish, is a fish? Cory Foy (Oct 27)
- Re: Smells like a phish, is a fish? Mike Kuriger (Oct 27)
- Re: Smells like a phish, is a fish? Todd Hendricks (Oct 28)
- <Possible follow-ups>
- RE: Smells like a phish, is a fish? Ofer Shezaf (Oct 27)
- RE: Smells like a phish, is a fish? Damhuis Anton (Oct 27)
- RE: Smells like a phish, is a fish? M. Burnett (Oct 27)
- RE: Smells like a phish, is a fish? Christopher Reed (Oct 28)
- RE: Smells like a phish, is a fish? Tom Stowell (Oct 28)
- RE: Smells like a phish, is a fish? Damhuis Anton (Oct 28)
(Thread continues...)