[X Newbies] Vicious Spam
Andy Carroll
andy.carroll at sympatico.ca
Mon Jan 26 07:20:24 PST 2004
>Can anyone explain how spammers can give you an url that sure as
>hell looks legitimate, all the way down to the .gov domain?
In my old Eudora, which isn't always terribly clever about displaying
HTML in e-mail, the address came through like this:
> http://www.fdic.gov/idverify/cgi-bin/index.htm
And the next line was this:
> <http://www.fdic.gov�@211.191.224.108:3180/index.htm>
The first address is the displayed one, and the second is the one
that you'll be sent to if you click on the first. Note that they're
not the same. This scam takes advantage of a vulnerability discovered
in Internet Explorer discovered a couple months ago.
There's more info at http://www.dslreports.com/shownews/36402, and
there's probably more recent info out there. I'm not sure whether
there's a fix yet.
Andy
--
Andy Carroll
andy.carroll at sympatico.ca
Toronto, Canada
More information about the X-Newbies
mailing list