Security Basics mailing list archives
Re: help with "malicious" url embedded in email
From: dan.crowley () gmail com
Date: 2 Jun 2009 18:51:51 -0000
This url actually does not seem to be enciphered nor encoded. This calls a script called "c" on xxx.net with some strange variable value sent to it. Since this is a malicious email, this is probably to confirm that you received the email. If they send out unique serial strings in every email linked to an email address that they're not sure actually exists and someone visits that URL, they know that the email address is valid and that someone was curious. Basically, once you visit this URL, spammers know that you're a valid target. This is a best guess, by the way, I can't be certain that they're actually doing this, but the URL is not obfuscated or enciphered, though the variable value might be. ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- help with "malicious" url embedded in email A K (Jun 01)
- <Possible follow-ups>
- Re: help with "malicious" url embedded in email cderossi (Jun 03)
- Re: help with "malicious" url embedded in email dan . crowley (Jun 03)