You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Jason Haar <Ja...@trimble.co.nz> on 2006/07/25 12:03:56 UTC

OT: nasty, evil phisher

This is pretty low - phishing as The Red Cross :-(

But their fake Web site is interesting. It has links to both Hacker Safe
and Verisign. Which confirms that american.redcross.org are "good"
sites. Unfortunately the site those links are on is actually
redcross.needs.us.to

You'd think both those companies would do some rudimentary Referrer
checks to ensure only sites in the SAME DOMAIN could contain such links...

Hmmm, I guess you could argue that's a security hole in their products?

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1