Spyware Sucks
“There is no magic fairy dust protecting Macs” – Dai Zovi, author of “The Mac Hacker’s Handbook”

The *worst* phish I have ever seen

October 18th 2010 in Uncategorized

What an amusing way to start the day – errors galore!

image

image

Let’s look at where the “EFTPS” URL takes you.

image

Page content:

image

eftpsid0343233.ru
ICANN Registrar: REGRU
Created 14 October 2010

IP: 178.63.173.126 – Fasttelecommunications Incorporated

ns1.freedns.ws
ns1.xname.org
ns2.freedns.ws
ns2.xname.org

Registrant: babkins@pochtamt.ru

The IP range is known to be problematic, having been host to everything from fake antivirus to trojans, exploits and exploit kits (and a bot for variety):

http://www.malwaredomainlist.com/mdl.php?search=178.63.173&colsearch=All&quantity=50


One comment to...
“The *worst* phish I have ever seen”

Barry

Note that all of the “typos” involve switching two letters out of their proper order. This is likely not a true typo, but a measure to help the e-mail evade spam filters.
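The check that Barry's observation suggests for a mail filter, as an added example that is not part of the original post or its comments: flag any word that is exactly one adjacent-letter swap away from a watchlist term, then restore it before content scoring. The watchlist and the sample message are constructed for illustration; the wording of the original e-mail is not reproduced here.

```python
import re

# Assumed watchlist: terms a content filter might already score on.
WATCHLIST = {"payment", "rejected", "federal", "transaction", "electronic"}


def adjacent_swaps(word):
    """Yield every string made by swapping two neighbouring letters of word."""
    for i in range(len(word) - 1):
        if word[i] != word[i + 1]:  # swapping identical letters changes nothing
            yield word[:i] + word[i + 1] + word[i] + word[i + 2:]


def build_index(watchlist):
    """Map each transposed variant back to the watchlist term it disguises."""
    index = {}
    for term in watchlist:
        for variant in adjacent_swaps(term):
            if variant not in watchlist:  # never rewrite one real term into another
                index[variant] = term
    return index


def find_transpositions(text, watchlist=WATCHLIST):
    """Return (token, intended_term) pairs for every disguised term in text."""
    index = build_index(watchlist)
    tokens = re.findall(r"[a-z]+", text.lower())
    return [(tok, index[tok]) for tok in tokens if tok in index]


def normalise(text, watchlist=WATCHLIST):
    """Return text with disguised terms restored, ready for normal scoring."""
    index = build_index(watchlist)
    return re.sub(r"[A-Za-z]+",
                  lambda m: index.get(m.group().lower(), m.group()), text)


# Constructed sample message, not taken from the e-mail in the post.
SAMPLE = "Your Fedearl tax paymnet has been rejetced. Check the transaction details."

if __name__ == "__main__":
    for token, term in find_transpositions(SAMPLE):
        print(f"{token!r} looks like a transposed {term!r}")
    print(normalise(SAMPLE))
```

Several such hits in one message are a stronger signal than any single one, since a lone transposition is also what a genuine typo looks like.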

