Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phishers Build Deceptive Links with DNS Wildcards

Posted by ryuzaki0 on from the pointy-pointy-then-annointy dept.

1sockchuck writes "In the continuing evolution of the phisher, the latest scams are crafting deceptive email links that include a bank's URL, but send victims to a phishing spoof site. The phishers are combining wildcard DNS, URL encoding and redirection services to construct the URLs. Netcraft has examples of emails that presented barclays.co.uk in the URL but sent clicks to a spoofed page at a server in Moscow. A DNS cache poisoning attack over the weekend also highlights the potential use of DNS tricks in 'pharming' (phishing using redirection rather than bait emails)."

8 of 245 comments (clear)

  1. Help on the horizon for Windows users! by EmptyBuffalo · · Score: 5, Funny

    Wow! Talk about a great opportunity to educate the masses - now we've just gotta pharm the www.microsoft.com/help website to www.slashdot.com!!! ;)

    --
    cat life | grep joy >> memory
    1. Re:Help on the horizon for Windows users! by LMCBoy · · Score: 5, Funny

      Slashdot.org...it's DOT COM!
      </homestar>

      --
      Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
  2. That's it by Anonymous+Crowhead · · Score: 5, Funny

    Time to scrap this whole "DNS" thing. I don't know what it is, but it sounds dangerous.

    1. Re:That's it by ScrewMaster · · Score: 5, Funny

      It stands for "Defensive Nuclear Strike". What that has to do with the Internet and email fraud I don't know.

      --
      The higher the technology, the sharper that two-edged sword.
  3. Who has money any more? by bigtallmofo · · Score: 4, Funny

    After sending all my money to various Nigerian organizations, I wish I had some money for someone to siphon in a phishing scam!

    --
    I'm a big tall mofo.
  4. Re:dns? links? by Hoch · · Score: 4, Funny

    Did you change your host file to get work done, only to end up memorizing the slashdot ip? Happens to the best of us.

    --
    2*31*37*263
  5. Re:Phishing? Pharming? by rob_au · · Score: 5, Funny

    phucked (v. tr.): To be taken advantage, betrayed, cheated or victimised by a phishing scam.

  6. Re:Just don't read emails from the bank-Digital Fa by rs79 · · Score: 4, Funny

    "How do you tell bad bits of html from good bits?"

    Check the evil bit in the TCP/IP header.

    --
    Need Mercedes parts ?