<<< Date Index >>>     <<< Thread Index >>>

RE: PayPal "security" measures



I tried posting a follow-up to this topic, but it was moderated out of
existence.

Looking back at my paypal phishing e-mail again and all the other
possibilities... I think the actual reason for the non-exploit phishing
spam is that that idiot spammers forgot to include the exploit.

What is more likely: phishers launching a coordinated spamming and
global DNS poisoning attack or phishers who forgot to include exploit
code in their e-mail?

Never attribute to malice that which is adequately explained by
stupidity. -Hanlon's Razor

Andy

> -----Original Message-----
> From: sh0rtie [mailto:this.is@xxxxxxxxx] 
> Sent: Wednesday, April 06, 2005 1:19 PM
> To: bugtraq
> Subject: Re: PayPal "security" measures
> 
> DNS poisoning could very well be the reason
> ISC has details up on its site today and are running at 
> yellow becuase of it
> 
> http://isc.sans.org/
> 
> 
> On Apr 4, 2005 5:29 PM, McAllister, Andrew 
> <McAllisterA@xxxxxxxxxxxx> wrote:
> > I followed up with Mr Rasmussen privately. I've been 
> getting phishing
> > spam that looks to be from PayPal (nothing new there), but strangely
> > enough has NO visible attack vector. The phishing spam 
> directs me to a
> > legitimate paypal page. I know it is a scam because, e-mail headers
> > indicate the mail has come from unknown hosts, and I've received
> > confirmation from PayPal that it is a scam.
> > 
snip