DNS wildcards used in new phishing attacks
MailScanner at ecs.soton.ac.uk
Wed Mar 9 08:43:45 GMT 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
"Phishing Net" is the name I have given to the email "phishing" fraud
detector built into MailScanner.
See www.phishingnet.info if you want to see some of the gory details.
Peter Russell wrote:
> Forgive me if this is a silly question - phishing net is using the
> latest mailscanner? Is this a name given to a feature of MS?
> Julian Field wrote:
>> As highlighted here on Slashdot:
>> which links to the full Netcraft article at
>> I have just tested the examples given by Netcraft, and the current
>> phishing net already traps these phishing attacks and needs no changes
>> or improvements in this case.
>> If you are running an old version of the phishing net, I strongly advise
>> you to upgrade. You should at least test the 3 URLs given by Netcraft
>> and ensure that you can catch them. Use an HTML segment like this:
>> Barclays bank wildcard DNS attack here:
>> Beware that the above paragraph should have 4 lines in it, in case my
>> mail client messes with it.
MailScanner thanks transtec Computers for their support
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner