[Dshield] OT?: some stuff, a firewall won't catch

Bernd Loske bernd at loskeonline.net
Fri Nov 15 16:09:17 GMT 2002


First:
It's your own fault, if you really go to the site below and try to log in
with your account/password -- you have been warned.

I found the email below in the inbox of my AOL account (yeap - still have
that) this morning. I usually would have deleted it right away, but I was
curious about what these spammers try now, to get your time and money. So --
fire up lynx and go to the referenced page -- well -- after getting the
source and making it readable, it revealed a nice piece of social
engineering. The casual observer might really think, that he logs in into
AOL. And in doing so, his/her account/password gets posted to some web
server in the process. I wonder how many AOL accounts got compromised ? ...

How do you catch that, except telling everybody over and over, not to click
on links, to trust nobody and that the internet became a bad place to be?




-----Original Message-----
From: RuffRyderLK at aol.com [mailto:RuffRyderLK at aol.com]
Sent: Thursday, November 14, 2002 7:08 PM
To: undisclosed-recipients:
Subject: You have an admirer!


Someone has sent you a secret message. <A
HREF=http://members.truepath.com/vegazisfun/>Click here to redeem your
message now!</A>




More information about the list mailing list