[Dshield] CNN?

M Cook dshieldlists at versateam.com
Mon Oct 15 18:04:12 GMT 2007


Anyone see the mail from CNN about a desktop alerter? It offers a link 
to download it:

Download it now! 
http://downloadpl.cnn.com/cnn/services/alerter/CNNAlerter.exe

But if you hover over it, the link is actually

http://www.access.cnn.com/xyyabbxx_xzenozx.html

Now I realize this is probably innocent, probably just to implement some 
sort of tracking; but don't these folks realize it is the same strategy 
used by phishers (list one URL, hide the real one)? Why don't they just 
say "click here", or make the text match the linked URL. Wouldn't it be 
better if legitimate businesses were straightforward, so only the shady 
ones were sneaky? Plus if they want to be really helpful, they'd put it 
on an HTTPS page, so the certificate could be validated...

(sorry for the rant)


More information about the list mailing list