Re: Phishing scam for PC Magazine

["Dr. Neal Krawetz" <hf () hackerfactor com>]

On Wed Nov 23 06:16:10 2005, Richard M. Smith wrote:
> I just got the attached piece of phishing spam.  This is the first time I've
> seen a cheap product used in a phishing scam to grab people's credit card
> information.  The fake domain set up for this scam is named www.zdmcirc.com.
>  
> Richard

Hi Richard,

I hate to say it, but I think this is real.
At least, from the stuff you attached, I see nothing obviously fake.

There are two main hosting sites:
www.zdmcirc.com
  This is Ziff Davis Media Circulation.
  The DNS registration is Ziff Davis Publishing Holdings, Inc.

registerzdi-marketing.com
  This is registered to Omeda Communications.
  They are a third-party "spam for hire" group that does have a
  contract with Ziff Davis.

I didn't see any other hosting sites in your posting.  :-|

ZDnet does send spam out to people that register.
Most likely you one registered with them (maybe for a magazine
subscription) and you entered in your email address.

ZDnet is classified as an NCE: Non-responsive Commercial Entity.
They are a real commercial company, but they ignore requests to not
receive emails.  This is different from "unsolicited" since there was
a solicitation on your behalf (and very likely from you).
This is "undesirable", but not "unsolicited".
(Other NCEs include Comcast, "Barns&Noble University", HP, Dell, and
my Aunt Susie.)

                                        -Neal
--
Neal Krawetz, Ph.D.
Hacker Factor Solutions
http://www.hackerfactor.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.