[Dshield] Email and Websites Impersonating eBay

Johannes Ullrich jullrich at euclidian.com
Sun Oct 19 02:00:18 GMT 2003

> Good point, just started a check and you can't find much more then that
> in the following link, apart from the information from whois.
> https://services.choicepoint.net/servlet/com.kx.was.servlets.CPUGBNclient?3723424648

yes. and if you look at the certificate for
'https://services.choicepoint.net', you will see that it just refers
back to itself ;-)

> Suppose it depends on how much confidence users have got in Equifax
> checking process.

The check isn't great, but ok. If you ask for a certificate with
Equifax ("Globaltrust"), you have to provide an email address within
the domain that is listed in whois, or a standard address like
'ssladmin at domain'. They have an automated system call a phone number you
provide (I think it has to be a landline).

Johannes Ullrich                     jullrich at euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
   "We regret to inform you that we do not enable any of the 
    security functions within the routers that we install."
         support at covad.net

More information about the list mailing list