Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Re: [HV-PAPER] Anti-Phishing Tips You Should NotFo

from [ad@heapoverflow.com] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Re: [HV-PAPER] Anti-Phishing Tips You Should NotFollow
Date: Fri, 31 Mar 2006 16:08:31 +0200 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
btw someone maybe know the fastest way to report a phish to yahoo ?
Because I have identified & forwarded some phish to them via
http://add.yahoo.com/fast/help/abuse/cgi_abuse but it took them around
3-4 days to stop them , so is this the correct link to report a "from
yahoo"
phish  or if anyone has the correct email address , thank you.

ADovi


Dave Korn wrote:

Jasper Bryant-Greene wrote:

Marcos Agüero wrote:

Jasper Bryant-Greene escribió:

Seriously though, it wouldn't be that hard to forward the POST on
to the real bank website, would it?

I think so, but would be very easy to detect. Logs would show lots of
diferent user logging in from the same IP Address.

Phishing scams are public in nature. They aren't trying to avoid
detection :) and the IP address would of course be spoofed.


  No it wouldn't.  IP address spoofing is easy over UDP but incredibly
difficult over TCP.

    cheers,
      DaveK


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (MingW32)
 
iD8DBQFELTffFJS99fNfR+YRAg0tAKDHIleVWUM+eSj3TNfoC0AjgJsqCACfZ2TE
6LflUqoU7HwXf7+37Hug+7s=
=h+0A
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] A Move to Remove, Edward Pearson
Next by Date:  Re: [Full-disclosure] A Move to Remove, ragdelaed
Previous by Thread:  [Full-disclosure] Re: [HV-PAPER] Anti-Phishing Tips You Should NotFollow, Dave Korn
Next by Thread:  Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow, Valdis . Kletnieks
Indexes:  [Date] [Thread] [Top] [All Lists]