|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Discovering and Stopping Phishing/Scam Attacks
From: Alex (incidents
alex.gotdns.org)
Date: Tue Apr 26 2005 - 18:51:19 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I agree that checking by referer addresses is a powerful way to detect
phishing sites, but such logs can easily be adverted?
Doesn't some anti-popup software remove referer fields?
Simple use of javascript can allow a page to fetch anything without
showing up in referer logs.
While we are on the subject, has anyone come across commercial and/or
government websites being (illegally?) mirrored?
For example, I recently came a website located on a (Asian?) hosting
provider where the content of the website was EXACTLY that of a well-known
US govt website. (It appeared that they ran the equivalent of a recursive
"wget" on the real site and hosted the files). It appeared to be several
layers deep.
Why would anyone want to do that?
-Alex
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]