Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phishing Site Using Valid SSL Certificates

Posted by ScuttleMonkey on from the new-phace-of-phishing dept.

UnderAttack writes to tell us the Washington Post SecurityFix blog has an interesting article about a new and rather sophisticated phishing scheme. The email not only used the first few digits of the users card number to look more plausible (even though the first part of the number is the same for all cards), but it also used a valid SSL certificate for its domain name."

3 of 368 comments (clear)

  1. Re:un-possible! by xiaomai · · Score: 0, Offtopic

    you're telling me, i'm still trying to figure out how people are not better educated than this... i really just wanted to reply to your signature though. woudn't it be more "ruby-esque" to do something like #!/usr/bin/ruby puts "i'm loving ruby" while true ?

  2. Re:un-possible! by Dasch · · Score: 0, Offtopic

    Why not just loop { puts "I'm loving Ruby" }?

  3. Dilbert at work by msbsod · · Score: 0, Offtopic

    Recently someone tried to send me an HTML-encoded mail message. The sender address was author@osti.gov. OSTI is an office of the Department Of Energy (DOE). Not just the crooks send HTML-encoded mail messages. The best thing was the name of the machine from where the mail was sent: dilbert.osti.gov !

    Say no to HTML-encoded mail messages.