nanog mailing list archives

Re: Phishing (Was Re: WashingtonPost computer security stories)

From: Eric Kuhnke <eric () fnordsystems com>
Date: Tue, 17 Aug 2004 05:58:35 -0700

The mail originated from 68.77.56.130 (an ameritech.net DSL connection,
right now not pingable) and loads some images from www.citibank.com.
It links to http://61.128.198.51/Confirm/ - an IP address hosted by
Chinanet (transit to there supplied by Savvis from my point of view).

It's a 1 line rule with mod_rewrite and apache to blocknonexistant or off-site http referers attempting to displayGIF/JPG/PNG images... Sometimes I wonder why Citibank,Paypal and others don't do this. It would cut down on thedisplayed authenticity level of many basic phishes.

Current thread:

Re: Phishing (Was Re: WashingtonPost computer security stories), (continued)
- - Re: Phishing (Was Re: WashingtonPost computer security stories) Christopher L. Morrow (Aug 16)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Mark Kasten (Aug 16)
  - Re: Phishing (Was Re: WashingtonPost computer security stories) Alexei Roudnev (Aug 16)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Sean Donelan (Aug 16)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) David Lesher (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Michael . Dillon (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Joel Jaeggli (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Richard Cox (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Petri Helenius (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Alexei Roudnev (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Eric Kuhnke (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Tim Wilde (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Edward B. Dreger (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Petri Helenius (Aug 17)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Brett (Aug 18)
    - Re: Phishing (Was Re: WashingtonPost computer security stories) Christopher L. Morrow (Aug 17)
- Re: WashingtonPost computer security stories Brandon Butterworth (Aug 15)
- FW: WashingtonPost computer security stories Joe Johnson (Aug 15)
- RE: WashingtonPost computer security stories Joe Johnson (Aug 15)
  - Re: WashingtonPost computer security stories Alexei Roudnev (Aug 15)
    - Re: WashingtonPost computer security stories Fred Baker (Aug 15)

(Thread continues...)