PaulDotCom mailing list archives

phishing question

From: robert.portvliet at gmail.com (Robert Portvliet)
Date: Thu, 3 Dec 2009 09:32:16 -0500

If you guys are interesting in learning a fair bit about malware
analysis, check out Tom Liston's 'Follow the Bouncing Malware, Live'
talk\workshop from ChicagoCon 2007.

It's 90 minutes long & full of all sorts of good info...

http://www.chicagocon.com/medialab/2007-evening-presentation-files.html



On Tue, Dec 1, 2009 at 3:54 PM, Chris Blazek <chris.blazek at gmail.com> wrote:

A coworker clicked on a link in an email and was directed to facebook then
redirected to the following site: despatiesmercemerce . blogspot . com
All of there fb contacts then received the same email. I pulled up the site
in malzilla and noticed a script block in the header that looks like it's
obfuscated.

I was wondering if someone in the group could figure out what the site was
trying to do.

Thanks,
Chris



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

phishing question Chris Blazek (Dec 01)
- phishing question PJ McGarvey (Dec 01)
  - phishing question Chris Blazek (Dec 01)
    - phishing question David Auclair (Dec 02)
    - phishing question David Shpritz (Dec 02)
    - phishing question David Auclair (Dec 02)
    - phishing question Chris Blazek (Dec 02)
    - phishing question Chris Blazek (Dec 02)
    - phishing question David Auclair (Dec 03)
- phishing question Matt Erasmus (Dec 01)
- phishing question Robert Portvliet (Dec 03)
  - phishing question Chris Blazek (Dec 03)
  - phishing question Matt Erasmus (Dec 03)
- phishing question Bert Van Kets (Dec 04)
  - phishing question Jim Halfpenny (Dec 04)