Bugtraq mailing list archives

Re: Amazon phishing scam on Yahoo servers

From: Paul Laudanski <zx () castlecops com>
Date: Wed, 22 Feb 2006 23:39:50 -0500 (EST)

Excellent then, they got my email and ran with it.  Amazing how fast this 
whole thing was.

On Tue, 21 Feb 2006, Steve Friedl wrote:

On Tue, Feb 21, 2006 at 02:40:41AM -0500, Paul Laudanski wrote:

servers, but their Abuse department closed at 5pm.  A full 6 or so hours 
to run before they open back up.


Oh yah? Yahoo Paranoids jumped right on this...

$ dig www.user-unlock-amazon.com a 

; <<>> DiG 9.3.0 <<>> www.user-unlock-amazon.com a
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 13061
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.user-unlock-amazon.com.    IN      A

(translation: the domain is dead at the Y! nameservers)

Go Yahoo! :-)

Steve


-- 
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com

[This message is for the designated recipient(s) only and may contain
privileged or confidential information.  If you have received it in error,
please notify the sender immediately and delete the original. Any other
use of the email by you is prohibited.]

Current thread:

Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 21)
- Re: Amazon phishing scam on Yahoo servers Steve Friedl (Feb 23)
  - Re: Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 23)
- <Possible follow-ups>
- RE: Amazon phishing scam on Yahoo servers Geoff Vass (Feb 23)
  - RE: Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 23)
  - Re: Amazon phishing scam on Yahoo servers Vincent Archer (Feb 26)
  - Re: Amazon phishing scam on Yahoo servers Stefan Kelm (Feb 26)
  - Re: Amazon phishing scam on Yahoo servers Elizabeth Zwicky (Feb 26)
- RE: Amazon phishing scam on Yahoo servers Alex Eckelberry (Feb 23)