A Tour of the Google Blacklist

WienerPizza writes "Michael Sutton takes us on a tour of the Google blacklist, a list of suspected phishing sites. He finds that eBay, PayPal and Bank of America combined account for 63% of the active phishing sites. Amusingly, he also reveals that Yahoo! has a nasty habit of hosting phishing sites that harvest — you guessed it — Yahoo! credentials!"

But it's not a problem

[syousef]

Try telling Ebay or Paypal that there's a problem. All they do is flood you with propaganda about how they're keeping you safe.

After a bad experience I closed my Paypal account and only use Ebay for small purchases.

Re:But it's not a problem

[AoT]

PayPal is annoying.I can't start a new account with them because I never verified my old account which was connected to a bank account I no longer have. Not that I really want to, I wouldn't trust those guys any further than I could throw them.

Re:But it's not a problem

[Jonnty]

Or define the type of scam you're trying to report. (Scroll down, it's in black, indented courier.)

Re:But it's not a problem

[shashark]

Oh & yes, before you get into the scam - you should know that "Jeff was not heard from again. I personally e-mailed him for permission to run his story on ZUG, but after an initial response, I never heard from him again."

Re:But it's not a problem

[mhokie]

Grace: Well, with your bad knee Ed, you shouldn't throw anybody... Its true.

Re:But it's not a problem

Dear anonymous coward,

Please learn what existential means, please; you make the rest of us look bad.

Question do Sys Admins

[pembo13]

Do any of you guys actively block IPs and IP blocks of phishing sites? And also those "fake domains" which just have search results? If so, how is that working out?

Re:Question do Sys Admins

[pestilence669]

OpenDNS will do phishing detection for you. Not only that, it'll correct common typos and speedup name resolution on your entire network. Oh yeah, it's also free, but it won't block those annoying fake search pages.

http://opendns.com/

Re:Question do Sys Admins

[joshier]

Thanks for this, I've got it setup now.

Do you know of any form of email spam blocking software or filters I can use?.. I use opera, thunderbird and evolution mail.

Thanks

Re:Question do Sys Admins

[GigsVT]

Yeah, because DNS is something that you should obviously trust a single company about!

Who need that old DNS system with the robust infrastructure, when we can have ads pushed on us for every domain we mistype and alongside our search results!

Someone call Verisign and tell them to fire sitefinder back up, these guys need some competition!

Re:Question do Sys Admins

[mr_Spook]

Sadly, OpenDNS will give you its own fake/crappy search page when you type something wrong. That alone was cause enough for me to stop using it.

Re:Question do Sys Admins

[speculatrix]

opendns is a copycat of the verisign adware dns trick... it's hoping to achieve success by relying on the many ISPs who are clueless when it comes to running effective dns resolvers.

Re:Question do Sys Admins

[Arimus]

You turn it off if you have a static ip address...

Re:Question do Sys Admins

[divisionbyzero]

That's probably not a great solution because some of the servers that host these sites are either compromised or the servers host multiple other legitimate sites or the content on the page has been hijacked from a legitimate site.

If you block all of the IPs on the page you may be blocking legitimate traffic. Would you rather get 1000 complaints that your users can't get to Bank of America or take the risk that 10 users may be duped? Despite the fact that the injury to the duped user is probably greater from a business perspective the answer is obvious: don't do it.

It also sets an annoying precedent. Do you want SysAdmins policing all of the content their users download? Because I'm sure Congress would love for you to do that (e.g. COPA, etc).

Re:Question do Sys Admins

[ACMENEWSLLC]

We actively block these sites with Surfcontrol & eSafe. These product has a phishing category.

Though I must admit, they don't keep up with the number of sites which are phishing. It's more of a marketing thing than actual protection. Though I do see a log showing a user blocked from a phishing site from time to time. www.hackcanada.com being the only one I see in the last 12 hours.

So...

[NightWulf]

That guy on eBay who told me to use my Bank of America account to send money to Paypal all through his link may not have been legit?

Re:So...

[The+Zon]

You know that guy too? Don't worry, I'm pretty sure he's legit. I just used his service to order some chemicals to clean the dye off of a suitcase full of money I'm splitting with an exiled doctor from Nigeria. Can you believe it? This doctor contacted me right out of the blue, and all I needed was a U.S. bank account and a sympathetic heart. And, except for the chemicals, this is all at no cost to me! I can't believe such a great proposition initially got filtered to my spam folder!

The list still isnt big enough

[Benaiah]

I still get phishing emails and see sites every week. It will be a glorious day when phishing sites and emails can be shutdown within seconds of being setup. This has the downside, that if google can do it with phishing. What if the government forces them to do it with something like pr0n? or build a p2p blacklist?

Re:The list still isnt big enough

[anakha]

Or political dissidents perhaps?

Re:The list still isnt big enough

[photomonkey]

Yeah, it really sucks. You want everything exactly your way, only to discover that you might have to put up with someone else in order to do what you want.

Shucks, I should be the only person allowed to use the InterTubes. Ever.

This one made me cry a little inside

[Rude+Turnip]

Here is one of the last entries on the Google blacklist:

+http://zeta-os.com/astats/bankofamerica/......... ..

For those not in the know, Zeta-os.com is/was the successor developer to YellowTab, which was developing a new operating system based on the old BeOS code. Now, zeta-os.com (or at least a part of it) has been reduced to a phishing site. *sigh*

Re:This one made me cry a little inside

[jasonwc]

I just loaded http://zeta-os.com/astats/bankofamerica/ on Firefox 2.0.0.1 using Firefox's built-in phishing detector using Google to provide the blacklist ["Check by asking Google about each site I visit" option]. It loaded the site just fine, without any warning.

Re:This one made me cry a little inside

[Rude+Turnip]

That's because I truncated the full URL. You have to follow the link in the article to get the whole thing.

Oh, and thanks for modding my little emotional episode as funny, you bastards.

Re:This one made me cry a little inside

[AndrewNeo]

I once got mail pointing to a phishing page on a school's website. Never know where those things are going to pop up..

Re:This one made me cry a little inside

[jasonwc]

This time I entered the full URL [http://zeta-os.com/astats/bankofamerica/online_bo fa_banking/e-online-banking/index.htm], and I did receive the warning message. However, the page that loaded was a harmless 404 Not Found page.

Google only blocklisted that particular URL what pointed to "bankofamerica/online_bofa_banking/e-online-bankin g/index.htm", so it should have no affect on legitimate usage of the site. Anyways, I can't see a legitimate reason why a site dedicated to software development would have "bankofamerica" and "online..banking" in its URL. Can you?

Maybe zeta-os.com was hacked, and was inadvertantly hosting a phishing site. Google blocked the specific URL, but allowed the rest of the site to be accessed. That seems perfectly reasonable to me.

Re:This one made me cry a little inside

[partenon]

I couldn't access the page:

Access Denied (content_filter_denied)

RESTRICTED ! -- You have attempted to access a restricted site. This restriction is to prevent you from inadvertently bringing offensive/non-business related material into the workplace. Seems somebody else is thinking it's phishing :-)

Re:This one made me cry a little inside

[nschubach]

Oh, and thanks for modding my little emotional episode as funny, you bastards.

Your supposed to enjoy the mod points even if they don't fit the mood or your intentions. It's kind of like getting a money from a pimp. At least your UserID isn't WienerPizza. :rolleyes:

Re:This one made me cry a little inside

[Tim+C]

A couple of weeks ago a work mate of mine visited a phishing site he got a scam email about, and filled the form in with a load of bogus data (to help poison their database). It wasn't until after he'd submitted the form that google warned him that the site was a suspected phishing site...

Re:This one made me cry a little inside

[Storlek]

You don't get points for funny.

Someone should start an "anti-spam"...

[PurifyYourMind]

...that blasts people with security information/education.

Re:Someone should start an "anti-spam"...

Yep,

we need a Firefox extension to allow us to type the spammers address in and let Firefox to check the site a few million times...

Re:Someone should start an "anti-spam"...

[FirienFirien]

Unfortunately that would just be confused with the anti-spam spam we already get. Just like the popups advertising popup blockers.

Google's not keeping up

[Jonnty]

Judging by the huge proportion of the blacklisted sites that are offline (and the tiny fraction that are actually phishing sites) it seems Google isn't taking this seriously enough. There is much, much more than 341 phishing sites in the world. This list should be being updated daily, they should start a way for suggesting sites or, if it exists, make it more visible.

For the only external blacklisting organisation on Firefox, and as the provider for possibly the most widely used toolbar ever, they're not taking this seriously enough. But would any security company come in with a better free blacklist?

Re:Google's not keeping up

[GigsVT]

They don't have to do this at all.

Any way to suggest sites would be gamed and abused. There are thousands of people in the "search engine optimization" "industry" that are total sleeze.

Re:Google's not keeping up

[Nasarius]

Any way to suggest sites would be gamed and abused.

How? How is a tool that allows you to submit URLs for review possible to abuse, aside from simple flooding?

Re:Google's not keeping up

[Anpheus]

Flooding.

No, really. Google is a big target. Right now, for SEO's, it's a big albeit moving target. That makes work harder for them. If Google opens up a suggestion system expect it to be shut down rather quickly for flooding.

Re:Google's not keeping up

[Ravadill]

In the comments section it's mentioned that the Encoded/Hashed blacklist is larger and more frequently updated than the plain text one.
I assume to prevent phishers using a live plain text list to know when they have been found.

Re:Google's not keeping up

[Tim+C]

That's simple to abuse. If there really is a human sat there reviewing submitted URLs, then you just DoS it, by flooding it with far more submissions than it's possible to review.

If it's an automatic, "X hits and you're blacklisted" type system, then zombie PC networks will be submitting URLs and getting legitimate sites blacklisted - sure, you probably won't be able to do that to a large, well known site, but there are millions of sites that would be vulnerable.

It's a nice idea, but I personally think that a world in which such a system would actually be practicable wouldn't need it in the first place. In ours, I just don't see it working; too easy to abuse, and too many people with an interest in abusing it (before we even get to the bored ne'er-do-wells)

Re:Google's not keeping up

The free service that Google voluntarily provides isn't up to your standards. Aww, shucks.

Your sense of entitlement might make this somewhat difficult for you to accept, but you disgust me, you whiny little bitch-boy.

Re:Google's not keeping up

[hotdiggitydawg]

they should start a way for suggesting sites or, if it exists, make it more visible. You mean, like this page?

Or, the "Help --> Report Web Forgery" menu in Firefox?

Or, the "Report phishing" option in the dropdown menu in Gmail?

How exactly to you think they should improve availability of this function?

Re:Google's not keeping up

[Marauder2]

they should start a way for suggesting sites

...

For the only external blacklisting organisation on Firefox, and as the provider for possibly the most widely used toolbar ever, they're not taking this seriously enough.

Something like http://www.google.com/safebrowsing/report_phish/ perhaps? Or within Firefox 2.x, Help -> Report Web Forgery?

If you think they need help, (they do) then grab the links from those pfishing emails and report them.

Re:Google's not keeping up

[simstick]

I use the phishtank plugin for firefox. And when I have a minute I jump on and rate some submitted phishes. One thing I disagree on is if a site is offline already people vote it as a not phish. I say if they are trying they need to be rated bad to build a history.

What I find Irritating

[tecker]

What I find irritating is when i try to go and visit one of these sites, usually not the phishing sites but "know malware sites", it does not provide you a link. You are given the link in a text form and it is not the most handy of ways to get there.

Dear google, Thanks for keeping me safe now can I go on? No? Why not? Oh because "you are keeping me safe" and you blacklist is perfect and knows what I shouldnt visit.

I want to be able via my google account to add or remove sites (blacklist, whitelist or even better graylist [hey you be careful in there, its got spyware all over it. Just click through])

Let me guess the feature is a "beta"

Here is a site that has a lot of IPs

[VGfort]

Banned IP Address - a lot of them are spammers or fake bots that will look around your website and fill your forms in the attempt to spam you or your forums/blog or whatever else you might have

Pollute the phishing sites

[thewils]

Go there and put in false information. Make it harder for them to get valid data.

Re:Pollute the phishing sites

[speculatrix]

mod parent up!

I do this when I have time... ensure you use what look like valid entries for bank a/c and pin values.

I also enter things like "f**k you spammer" into the name fields, so that when they go through to test the captured data, they get to see my opinion of them (yeah, relatively useless I know, but I get tiny twinge of pleasure at the thought)

Re:Pollute the phishing sites

Count me in for this one.... Done that a couple of times. Making someones data untrustful makes it almost useless. One have to go through every record to validate it as usefull. That is time consuming and demotivating.

On the other side, spending any second on those bastards is at least giving them attention. Not worth it, besides a feeling of annoying someone.

- Unomi -

Re:Pollute the phishing sites

[gsslay]

I also enter things like "f**k you spammer" into the name fields

Doesn't that negate the whole point of polluting the data with what look like valid bank accounts etc? Far better to have a completely fake name to go with the fake account. Let them waste their time attempting to use it.

I don't visit phishing sites, even though I'd love to mess with them this way. I know I have up-to-date virus and malware protection, but why risk visiting a site that you know is more than likely going to attempt to infect you?

Re:Pollute the phishing sites

In other news, IE6 was unsafe 284 days in 2006, are you sure you want to go there?

Re:Pollute the phishing sites

[mindriot]

Well, I wouldn't write "f**k you spammer" or anything like that, it makes your entries distinguishable. If you want to ensure having a correct credit card number (except for the CVV code, bug the phisher couldn't verify those directly anyway), you could use something like this quick dirty hack I wrote up a few months ago to spam a phishing site using simple wget queries. To read up on the format of valid credit card numbers, see for instance this article on the anatomy of credit card numbers. The following code worked for me to create numbers that were accepted by a phishing site I spammed:

my $cc = substr("000000" . int(rand(1000000)), -6); # Any format

# Add 9 digits for the account number
$cc .= int(rand(900000000))+100000000;

# Check digit: Luhn Code
my $checknum = 0;
for (my $j = 0; $j < length($cc); $j++) {
my $val = substr($cc, $j, 1);
if ($j % 2 == 0) {
# These will be doubled
my $v = 2*$val;
$v -= 9 if ($v > 9);
$checknum += $v;
} else {
# These will just be added normally
$checknum += $val;
}
}
# The last digit should add up to a multiple of 10
$cc .= ($checknum%10 != 0)?(10-($checknum%10)):'0';

# Output an expiration date (arbitrary, 2007..2015)
my $month = int(rand(12))+1;
my $year = qw(2007 2008 2009 2010 2011 2012 2013 2014 2015)[int(rand(9))];

# Random CVV2 code
my $cvv = substr("000" . int(rand(1000)), -3);

Re:Pollute the phishing sites

[blacknblu]

I have been reading on this lately, and found some products to poison spambots. The site itself (http://spamlinks.net/) is very informative, and gives some pretty good tips/techniques for combating spam.

Re:Pollute the phishing sites

[speculatrix]

erm, I use firefox, and I run linux.. so I presume you are still living in the darkside :-P

Re:Pollute the phishing sites

Thank you; sir!

I was going to write this myself but why re-invent the wheel.

I find immense pleasure in the thought of filling their DB's with bogus
but visually valid CC's.. any frustration I can cause them counts as deterrence.

Check out the whitelist

[tecker]

Either Google is really paranoid or they have yet to find a site to put on the whitelist that was linked to.

See for yourself what I mean Nothing there.

What?

[8ball629]

I tried signing into one of the listed Geocities site and nothing happened... what gives?

You mean to tell me this is not a legit Yahoo Photos gateway?!

Re:What?

Shifty is a clever one. He even disabled view source...oh wait

Interesting example for URL redirection

[mdemeny]

URL Redirection

Another surprising finding was that few of the phishing scams utilized open URL redirectors. This is a known technique whereby phishers identify redirection functionality at a popular website (e.g. Google) and use that functionality to redirect the victim to the targeted phishing site in order to minimize suspicion. Combing through the blacklist did however reveal the following redirection attack using Google AdWords: http://www.google.com/pagead/iclk?sa=l&ai=x&adurl= http://www.spidynamics.com

SPI Dynamics is a web application security software development company - not a phisher at all. Perhaps that example was used by them as a proof-of-concept and Google wasn't a big fan of that vulnerability being known?

safe browsing list

[chrisranjana.com]

That's good to know that blacklists like these are available. This will help in prevent or even reduce the number of credit card frauds and thefts that do occur on the web today.

Good help for fishing actually ...

[perenaurel]

from: a post on full-disclosure:

I just played around a bit with those lists and as it seems,
Google did a splendid job, even capturing some people's login data.
Like here:
http://sb.google.com/safebrowsing/update?version=g oog-black-url:1:7753

Regards,
J.M.
Professional Lurker

Google have fixed this link now but that was funny, most of the logins/passwords were for gmail accounts...

Good Experience with Paypal

[drewzhrodague]

Am I the only one that has had a good experience with Paypal? I mean, yah normal banks can handle a deposited check, but they also charge a monthly fee. Paypal OTOH cuts me a check for *interest*, and that is ontop of the 1.5% cash back they offer. I can sell junk on EBay, and take my PayPal card right to the liquor store. That's the best banking scenario I can imagine!

Re:Good Experience with Paypal

[Jo+Owen]

Monthly fee for a bank account? is that commen?

The only case where i would consider paying for a bank account would be a business account.. and i dont think Paypal is suitable for that...

Re:Good Experience with Paypal

[Dun+Malg]

Monthly fee for a bank account? is that commen? yes

The only case where i would consider paying for a bank account would be a business account.. How nice for you. Most banks require a minimum balance before they waive the monthly service fee. Many people do not have the kind of cash flow necessary to meet the minimum. This is one of the many ways they soak the poor.

Re:Good Experience with Paypal

[HistoricPrizm]

Dun Malg said:

Most banks require a minimum balance before they waive the monthly service fee. In my experience, it's just a matter of finding the right bank that has a relationship with someone you also have a relationship with. I get offers for free checking (no minimum balance requirements) through my alumni associations (undergrad and graduate), my wife's employer, my employer, even through the fact that my father-in-law is retired military. Dun Malg also said:

This is one of the many ways they soak the poor. I don't really think that is a fair portrayal of the situation. Banks charge fees for accounts that don't keep high balances because they don't make money on them. Banks are not charitable organizations, they are in business to make money.

Re:Good Experience with Paypal

[Dragonslicer]

I don't remember monthly fees on my old bank accounts, and the minimum balance was $100. My accounts now are at the credit union for my university, which has no fees and a minimum balance on my savings account of only $25.

Re:Good Experience with Paypal

[markwalling]

i have no fees, free checks, free atm transactions, cash back on card purchases, and rebates of foreign atm fees... the catch? you have to be ex-military or a (former) dependant of someone.

USAA

And I love my paypal account too

Re:Good Experience with Paypal

[scottv67]

Most banks require a minimum balance before they waive the monthly service fee.
In my experience, it's just a matter of finding the right bank that has a relationship with someone you also have a relationship with. I get offers for free checking (no minimum balance requirements) through my alumni associations (undergrad and graduate), my wife's employer, my employer, even through the fact that my father-in-law is retired military. Dun Malg also said:

This is one of the many ways they soak the poor.
I don't really think that is a fair portrayal of the situation. Banks charge fees for accounts that don't keep high balances because they don't make money on them. Banks are not charitable organizations, they are in business to make money.

Excellent advice on how to locate the "free checking" offers. I have a couple of additional tips:
1) Direct deposit. If your paycheck goes directly to your financial institution, you may be eligible for free checking.
2) Skip the "bank" and check-out a local credit union. As the parent poster said about banks, "they are in business to make money". While banks treat their customers like cattle that can be slowly tapped for blood, credit unions treat their customers like...people. I haven't had an account at a "bank" for fifteen years. I am a very happy credit union member.

Re:Good Experience with Paypal

[Captain+Splendid]

Banks charge fees for accounts that don't keep high balances because they don't make money on them.

Bullshit. Banks are (supposed) to be about aggregation. It shouldn't matter if you have 50 or 50 mil in your account, the bank is still using your money to lend out at higher rates than they pay you.

Re:Good Experience with Paypal

[zenslug]

I also like PayPal and haven't had any issues with them. Right now I have several thousand dollars in there earning 5%. Much better savings account than my 2% Bank Of America account.

Re:Good Experience with Paypal

[cyberwench]

Frankly, while I have had better experience in the past with credit unions, my latest experiences have been horrible. It's the sort of thing where they treat you like people and soak you for slightly less than the banks. I think that the smaller credit unions are generally good places to deal with, and the larger they get the more they become like regular banks.

Re:Good Experience with Paypal

[drinkypoo]

Most banks give you free savings with a checking account, and most banks give you free checking with direct deposit. Not weird-ass Washington Mutual though - check this bizarreness out. They give you free checking if you let them automatically move $25 to your savings every month. You can take it out five seconds after the transfer is complete and your checking is still free, so that's what I do, every month. It would be easier for everyone if they just gave me free checking. I only chose them as my bank because they are the ONLY bank in my county open after 5PM on weekdays and open on saturdays at all.

Re:Good Experience with Paypal

[orielbean]

If you have credit unions in the area, they are usually very good about no fees for basic checking. And they usually share ATMS with other small banks and so you only get atm fees at the big box banks.

Re:Good Experience with Paypal

[DerekLyons]

Am I the only one that has had a good experience with Paypal?

No, you aren't. Like any service - from Slashdot to your local quick-e-mart, Paypal has unsatisfied users. Those unsatisfied with Paypal however are *extremely* vocal.

Re:Good Experience with Paypal

[cloudmaster]

The last four banks (one of which is a credit union) I've used have had a minimum balance requirement ranging from $0 to $25 in order to have free checking. If you don't have "the cashflow" required to put $25 down up front and consider it spent until you leave the bank (it's not taken from you - you get it back if you leave), then it's arguable whether you need to actually use a bank at all.

They're not soaking the poor, they're soaking the lazy and/or stupid. I guess there's some overlap...

Re:Good Experience with Paypal

You say that like it's a bad thing. It's not their fault the satisfied users aren't just as vocal. Why don't you create a site extolling paypal's wonders?

Re:Good Experience with Paypal

[Jo+Owen]

Another joy of living in the UK it seems, none of the major banks charge for a basic account - nor do they have a minimum balance.

A basic account would consist of a Maestro/Visa card + cheque book. There arn't any charges for writing or cashing a cheque either.

Interesting to find that out about banks over there though

Biased

[vegardh]

This blurb is horribly biased, using ! and "amusingly" and "you guessed it". Google don't own any properties like Geocities, and don't have that problem. Yahoo! have several people weeding out scam stuff all day long.

Re:Biased

[Pyrusj]

Actually, Google does host sites via Googlepages. Granted, it's still in beta, but then so (still) is Gmail...

Google blacklist

[ituloy+angsulong]

At least Google made efforts to weed out these sites. http://www.ituloyangsulong.org/

BOA came in right now!

[Rick+Richardson]

Date: Fri, 05 Jan 2007 12:44:23 +0000
From: Bank of America
Subject: Secure SSL server update

[-- text/html is unsupported (use 'v' to view this part) --]

Mod Papa Funny

[PopeRatzo]

It made my ass laugh at 6am.

(a) Known for years and (b) not just Yahoo

[Arrogant-Bastard]

A. This problem has been discussed in depth on various
anti-spam mailng lists and newsgroups for many years.
This long-standing problem has been steadfastly ignored
by Yahoo, who went so far as to dismiss the key people
on their own abuse staff when they tried to address it.

As a consequence, it's now a better-than-even bet
that any site hosted by Yahoo belongs to a spammer,
phisher, spyware injector, child pornographer, scammer
or other lowlife. My own meager list of Yahoo-hosted
dropboxes for such stands at 26,831 this morning and
those are just the ones that brought themselves to
my attention, i.e. I'm passively noting them and not
actively searching them out.

As a result, Yahoo is one of the biggest spam-sending
and spam-supporting operations on the entire Internet.
(Oh, and Geocities is now completely infested. Rejecting
all inbound mail [except anti-spam discussions] that contains
a Geocities URL is a surprising effective tactic.)

B. They're not alone. For instance, MSN BCentral should
be renamed MSN SpamCentral -- it's just as bad. And Hotmail
cheerfully hosts spammer dropboxes by the tens of thousands.

There are others, but what makes these two particularly
annoying is that they make a public show of being anti-spam
by promoting snake-oil like SenderID and DomainKeys, both
of which are worthless. (If it isn't obvious why, then think
about the hundreds of millions of zombies -- hijacked Windows
systems -- out there and consider that their new masters
have possession of all email credentials belonging to their
former owners -- from POP passwords to PGP keys. It is not
possible to solve the forgery problem -- for any useful
definition of "solve" -- without solving this problem first.
Good luck. This same thing applies to SPF and variants, by
the way, all of which are complete failures.)

Another thing that distinguishes them is the absolutely
irresponsible, totally clueless way in which abuse reports
are handled. Most seem to disappear into black holes. The
majority of the rest are returned with semi-literate denials
that the abuse has any connection with their operation -- even
when their own IP address are clearly the source. If you'd
like to browse a huge number of examples of this, go to
Usenet's news.admin.net-abuse.email and search for
"Yahoo clueless" or "Hotmail clueless". Make coffee first.

The bottom line is that both of these services are huge abuse
magnets and have been for years, so I find it curious that
yet another report of the same old thing is deemed noteworthy.

ReGoogle ReSearch

[Doc+Ruby]

How does Google monitor these sites for content updates to update the Google index? Does Google offer the public (or private subscribers) a way to register a website or URL to be polled ongoing? Notification that it's changed? Web services offering "uptime" monitors seem to do this, as does apparently Google News. Can mere mortals access the feature?

Yahoo!? No kidding?

>>>
Amusingly, he also reveals that Yahoo! has a nasty habit of hosting phishing sites that harvest -- you guessed it -- Yahoo! credentials!"

No kidding? You mean the happiest host for the world's biggest spamhaus/scamhaus is hosting phishing sites too? No... I can't believe that.

Try reading craigslist sometime, particularly the personals sections. Every day, thousands (if not tens of thousands) of posts advertising scam porn/photo sites. Every site name includes the term 'pics' or 'photos'. All of the domains are registered with Yahoo domains and hosted on Yahoo servers. Same guy has gone through about 50 domains, always with 'photo' or 'pic' in the name - and Yahoo keeps allowing him to create new ones.

Then have a look at the thousands (if not tens of thousands) of posts every day for a credit card scam that uses Yahoo Geocities sites. At least 2 per day per city on craigslist. Yahoo Geocities allows the guy to create thousands of sites.

They are fully aware of the spamming and scamming activities of both operators (I've e-mailed them at least a dozen times and I'm sure others have done so too). They do nothing about it.

Yahoo inflates their user roles with those spammer accounts. At least a million and probably more than two million "user" accounts on Yahoo are porn bot accounts, used to spam and scam in the Yahoo chat rooms.

And you tell me that Yahoo hosts phishing sites? Why, one might start to think that Yahoo and Spam are synonyms...

www.microsoft.com, www.msn.com ...

[peter303]

Hmm, looks suspicious to me.

yahoo phishing site

[TheCybernator]

i went to mail.yahoo.com and they asked my name and password. i am smart and i fooled them by giving my gmail password.

Linking to original site

[aegl]

"The pages are generally exact replicas of the original web page and generally pull graphics (*.jpg, *.gif, etc.) from the legitimate web site."

The owners of the original sites should regularly rename the real image files, and replace the old files with images that would help inform the potential victim that they were on a scam site.

Next step is that the phishers no longer link to the image files, but copy them instead ... but this gives the real site owner another legal tool (copyright infringement) to shut down the phishing site plus a clear legal path to extract money from the phisher.

No. Banks are about PROFIT.

[Behrooz]

No. Banks are about PROFIT, not aggregation.

Aggregation may be a handy way of profiting, but so are obfuscated pricing structures and excessive fees. Someone with $200 in their account who gets laid off and bounces a check when one of their other checks is late coming in, then bounces ten more within a week because the bank happens to be a little slow notifying them that the first bounced check's overdraft fees wiped out their balance is going to net the bank a lot more than someone with $2,000 in their account.

Happened to my roommate last year. He doesn't use Wells Fargo anymore, but they made more money off the chained fees from that train-wreck than they would have off his balance in a decade.

The only thing worse than banks is those paycheck loan outfits... clear proof that God and most states in the US want the poor to stay that way.