"New" e-mail phishing scam
Julian Field
MailScanner at ecs.soton.ac.uk
Sat Feb 21 11:01:18 GMT 2009
This is called "spear phishing". We get it all the time and it's what my
previous work will catch for you. Take a look in my Logbook at
www.jules.fm and you'll see the article about it, along with all the
code you need to stop these attacks.
Sorry to say this, but it's old news from what I can see.
On 20/2/09 22:54, James Gray wrote:
> http://isc.sans.org/diary.html?storyid=5905
>
> Nothing particularly novel about the approach, but instead of sending
> out messages from a spoofed "known" domain (foo at yahoo.com
> <mailto:foo at yahoo.com>, foo at gmail.com <mailto:foo at gmail.com> etc) the
> phishers registered "email-helpdesk.com". I've black-holed that
> domain at the MTA. Thought it was worth sharing :)
>
> Cheers,
>
> James
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list