Bugtraq mailing list archives
Re: Amazon phishing scam on Yahoo servers
From: Elizabeth Zwicky <zwicky () greatcircle com>
Date: Thu, 23 Feb 2006 13:23:34 -0800
On Feb 21, 2006, at 11:02 PM, Geoff Vass wrote:
Surely someone, somewhere, has to take some responsibility for allowing domains to be created which are clearly and obviously bogus.
Working on a mail system transition for a national telecomm, I worked with a consultant (like me, a US national at the time based in yet another country) who claimed to have double-checked the list of sites to be marked as internal (i.e., customers of that national telecomm). When we pointed out that a good 20% of them were clearly bogus (a software error), as noted immediately by the first person who saw email to their largest competitor marked as internal, she said that she couldn't be expected to know the details of local companies. Well, I dunno, I thought if I knew who my client's largest competitor was, and they advertised on all the busses, it shouldn't be that difficult, really, but most importantly, the second domain on the "internal" list was aol.com, which, you may note, is a well-known US company unlikely to be buying its Internet connectivity from a non-US telecomm. Which is to say, wouldn't surprise me at all if I managed to register a domain to George W. Bush at 1500 Pennsylvania Ave. At a US registrar, even. Such errors are in my experience more likely to be caught by software than by the humans who ought to be good at it, because the human beings are too bored or too uninterested. Elizabeth Zwicky zwicky () otoh org
Current thread:
- Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 21)
- Re: Amazon phishing scam on Yahoo servers Steve Friedl (Feb 23)
- Re: Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 23)
- <Possible follow-ups>
- RE: Amazon phishing scam on Yahoo servers Geoff Vass (Feb 23)
- RE: Amazon phishing scam on Yahoo servers Paul Laudanski (Feb 23)
- Re: Amazon phishing scam on Yahoo servers Vincent Archer (Feb 26)
- Re: Amazon phishing scam on Yahoo servers Stefan Kelm (Feb 26)
- Re: Amazon phishing scam on Yahoo servers Elizabeth Zwicky (Feb 26)
- RE: Amazon phishing scam on Yahoo servers Alex Eckelberry (Feb 23)
- Re: Amazon phishing scam on Yahoo servers Steve Friedl (Feb 23)