RE: PayPal "security" measures
I tried posting a follow-up to this topic, but it was moderated out of
existence.
Looking back at my paypal phishing e-mail again and all the other
possibilities... I think the actual reason for the non-exploit phishing
spam is that that idiot spammers forgot to include the exploit.
What is more likely: phishers launching a coordinated spamming and
global DNS poisoning attack or phishers who forgot to include exploit
code in their e-mail?
Never attribute to malice that which is adequately explained by
stupidity. -Hanlon's Razor
Andy
> -----Original Message-----
> From: sh0rtie [mailto:this.is@xxxxxxxxx]
> Sent: Wednesday, April 06, 2005 1:19 PM
> To: bugtraq
> Subject: Re: PayPal "security" measures
>
> DNS poisoning could very well be the reason
> ISC has details up on its site today and are running at
> yellow becuase of it
>
> http://isc.sans.org/
>
>
> On Apr 4, 2005 5:29 PM, McAllister, Andrew
> <McAllisterA@xxxxxxxxxxxx> wrote:
> > I followed up with Mr Rasmussen privately. I've been
> getting phishing
> > spam that looks to be from PayPal (nothing new there), but strangely
> > enough has NO visible attack vector. The phishing spam
> directs me to a
> > legitimate paypal page. I know it is a scam because, e-mail headers
> > indicate the mail has come from unknown hosts, and I've received
> > confirmation from PayPal that it is a scam.
> >
snip