Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: help with "malicious" url embedded in email

From: dan.crowley () gmail com
Date: 2 Jun 2009 18:51:51 -0000
This url actually does not seem to be enciphered nor encoded. This calls a script called "c" on xxx.net with some 
strange variable value sent to it. Since this is a malicious email, this is probably to confirm that you received the 
email. If they send out unique serial strings in every email linked to an email address that they're not sure actually 
exists and someone visits that URL, they know that the email address is valid and that someone was curious.

Basically, once you visit this URL, spammers know that you're a valid target.

This is a best guess, by the way, I can't be certain that they're actually doing this, but the URL is not obfuscated or 
enciphered, though the variable value might be.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: