PaulDotCom mailing list archives
phishing question
From: mailing at vankets.com (Bert Van Kets)
Date: Fri, 04 Dec 2009 09:16:09 +0100
Isn't is easier to use a proxy or packet trace and see where the requests go to? You are not really after the code itself, just the locations in the requests. Just my $0.02 Bert Chris Blazek wrote:
A coworker clicked on a link in an email and was directed to facebook then redirected to the following site: despatiesmercemerce . blogspot . com All of there fb contacts then received the same email. I pulled up the site in malzilla and noticed a script block in the header that looks like it's obfuscated. I was wondering if someone in the group could figure out what the site was trying to do. Thanks, Chris ------------------------------------------------------------------------ _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- phishing question, (continued)
- phishing question David Auclair (Dec 02)
- phishing question David Shpritz (Dec 02)
- phishing question David Auclair (Dec 02)
- phishing question Chris Blazek (Dec 02)
- phishing question Chris Blazek (Dec 02)
- phishing question David Auclair (Dec 03)
- phishing question Chris Blazek (Dec 03)
- phishing question Matt Erasmus (Dec 03)
- phishing question Jim Halfpenny (Dec 04)