t3knomanser's Fustian Deposits

New Phishing Technique

How Random Babbling Becomes Corporate Policy

run the fuck away

Mad science gone horribly, horribly wrong (or right).

I just received an email claiming to be from Washington Mutual Online, doing the standard "you need to log in". Instead of giving me a domain name made to look like one that could possibly be for a banking firm, the phisher supplied a case number: "0xD2.0x8D.0xDF.0x4B". They then used that case number in the URL, like so: "0xD2.0x8D.0xDF.0x4B/online.wamu.com/"

Reading that URL, it's going to a folder called "online.wamu.com" and the hex numbers are an IP address. This struck me as being a bit more clever than "http://thesiteyouthinkthisisreallyreallyreally.com" or a very long URL. It also shows a better-than-average technical competency: the phisher knows what an IP address is and knows how to convert it into hex.
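A mail filter or log-review script can catch this trick by normalizing the host before judging it. The following is an added example, not part of the original post: it decodes a numeric host written in hex, and (going beyond the post) the octal and single-integer forms that classic `inet_aton` parsing also accepts, then flags a first path segment that looks like a domain name. The function names `decode_ipv4_host` and `inspect_url` are made up for this illustration.

```python
import re
from urllib.parse import urlsplit

_DOMAIN_LIKE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.I)

def _parse_part(part):
    """Parse one host component inet_aton-style: 0x = hex, leading 0 = octal."""
    if re.fullmatch(r"0[xX][0-9a-fA-F]+", part):
        return int(part, 16)
    if re.fullmatch(r"0[0-7]+", part):
        return int(part, 8)
    if re.fullmatch(r"[1-9][0-9]*|0", part):
        return int(part, 10)
    raise ValueError(part)

def decode_ipv4_host(host):
    """Return dotted-decimal IPv4 if host is a numeric address in any form, else None."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    try:
        nums = [_parse_part(p) for p in parts]
    except ValueError:
        return None
    # Leading parts are single bytes; the last part fills all remaining bytes.
    *head, last = nums
    if any(n > 255 for n in head) or last >= 256 ** (4 - len(head)):
        return None
    value = last
    for i, n in enumerate(head):
        value |= n << (8 * (3 - i))
    return ".".join(str((value >> s) & 255) for s in (24, 16, 8, 0))

def inspect_url(url):
    """Report numeric hosts, non-decimal encodings, and a domain-like path segment."""
    if "://" not in url:
        url = "http://" + url  # the link in the email had no scheme
    parts = urlsplit(url)
    host = parts.hostname or ""
    ip = decode_ipv4_host(host)
    first_seg = parts.path.lstrip("/").split("/", 1)[0]
    return {
        "host": host,
        "ip": ip,
        "obfuscated": ip is not None and ip != host,
        "domain_in_path": first_seg if _DOMAIN_LIKE.match(first_seg) else None,
    }
```

A link that comes back with `obfuscated` true and a non-empty `domain_in_path` matches the pattern described in the post.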
  • Thanks for posting this

    I am really glad you posted this. I *just* got this same email and since it is the first phish that got through my spam filter, I thought I'd google it before doing anything else. You just saved me at least 30 minutes :-) So, you have done your good deed for the day for a stranger, no less (which must count for 2 good deeds, *somewhere*, right?) e-l
  • I've seen them do similar things, my favorite was:

    http://www.53.com.login.secure.spammerDN.com/blah

    for a Fifth Third phishing scam. The hex bit is new though.