WebApp Sec mailing list archives
RE: Smells like a phish, is a fish?
From: "Ofer Shezaf" <Ofer.Shezaf () breach com>
Date: Thu, 27 Oct 2005 04:14:58 -0400
Well, but godaddy is not the source. As they mention (see http://www.icann.org/registrars/wdrp.htm), this is an ICANN requirement (or at least a logical interpretation of this requirement). It is true though the ICANN suggest sending the information for review in the body of the e-mail. I would also argue that: - People who register domains are more educated than others regarding phishing. - I rechecked the mail I received from them and their instructions did not work for me, but it seems that the method they use which is to provide you with a key in the e-mail, rather than asking for a login might actually be a way to mitigate phishing. ~ Ofer Ofer Shezaf OWASP Israel Chair http://www.owasp.org/local/israel.html CTO, Breach Security Phone (US): +1 (760) 268.1924 ext. 702 Phone (Israel): +972 (9) 956.0036 ext.212 Cell: +972 (54) 443.1119 ofers () breach com http://www.breach.com
-----Original Message----- From: Andrew van der Stock [mailto:vanderaj () greebo net] Sent: Thursday, October 27, 2005 9:50 AM To: webappsec () securityfocus com Subject: Smells like a phish, is a fish? I have my domains registered with a popular registrar, and they've sent the most phishy e-mail I've ever seen from a major provider: --- Dear Andrew van der Stock, It's that time of year again. ICANN (the Internet Corporation for Assigned Names and Numbers) annually requires that all accredited registrars (like Go Daddy(R)) ask their domain administrators/ registrants to review domain name contact data, and make any changes necessary to ensure accuracy. To review/update your contact data, simply: + Go to www.godaddy.com/?isc=ICANNKEY + Click on the "ICANN Domain Confirmation" icon at the top of the page + You will be taken to a landing page and asked to enter your Domain Information Key: <removed> + Enter your key and click "Go." (more phish deleted) --- I confirmed with the registrar that indeed they did send this phishy e-mail. How do we get through to large organizations - who really should know better - that they most of all shouldn't smell like a phish market? thanks, Andrew
Current thread:
- Smells like a phish, is a fish? Andrew van der Stock (Oct 27)
- Re: Smells like a phish, is a fish? Mat Farrington (Oct 27)
- Re: Smells like a phish, is a fish? Cory Foy (Oct 27)
- Re: Smells like a phish, is a fish? Mike Kuriger (Oct 27)
- Re: Smells like a phish, is a fish? Todd Hendricks (Oct 28)
- <Possible follow-ups>
- RE: Smells like a phish, is a fish? Ofer Shezaf (Oct 27)
- RE: Smells like a phish, is a fish? Damhuis Anton (Oct 27)
- RE: Smells like a phish, is a fish? M. Burnett (Oct 27)
- RE: Smells like a phish, is a fish? Christopher Reed (Oct 28)
- RE: Smells like a phish, is a fish? Tom Stowell (Oct 28)
- RE: Smells like a phish, is a fish? Damhuis Anton (Oct 28)
- RE: Smells like a phish, is a fish? Tom Stowell (Oct 28)
- RE: Smells like a phish, is a fish? Lyal Collins (Oct 28)
- Re: Smells like a phish, is a fish? Devdas Bhagat (Oct 30)
- RE: Smells like a phish, is a fish? Lyal Collins (Oct 31)
- RE: Smells like a phish, is a fish? Lyal Collins (Oct 28)