Re: New phishing style? Give them real links except for one

["Niek" <niek () packetstorm nu>]

> I just received this one today, sent to an email address I 
> use only for
> web-based contact (in other words, it was harvested, so I knew
> immediately it was a scam of some sort).
>
> The thing that caught my eye, as I scanned it to send off to 
> paypal, is
> that only *1* of the 4 "click here to log in" links go to the 
> phisher's
> server: akindo.bubu-iss.com (hosted in Japan): Asking 
> cn001.hotcn.ne.jp.
> for 65.172.229.210.in-addr.arpa PTR record:  Reports 
> akindo.bubu-iss.com
<snip>
> {
>       window.status = boodschap;
>       timerID= setTimeout("dgstatus()", 25);
> }
> //-->
<snip>

Boodschap is the Dutch word for message.
Maybe the scam originated from out of The Netherlands?

Niek


---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at 
http://www.securityfocus.com/sponsor/Astaro_incidents_040301
----------------------------------------------------------------------------