Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should NotFollow

from [Thomson, Ross] Network Security [Permanent Link]
Subject: RE: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should NotFollow
Date: Fri, 31 Mar 2006 09:17:54 +0100 

I have seen one phishing site which did exactly that-

It tried to login to the real site with the credentials you supplied;  if it
returned a successful login, the userid/password was logged. If it returned
a 'access denied' the userid/password was not logged.


________________________________________________
Ross Thomson | Capgemini | Southbank
Anti-Virus Content Management | Outsourcing
Int: 700 3621 | Ext: + 44 (0)870 904 3621
ross.thomson@capgemini.com | www.capgemini.com
95-97 Wandsworth Road, London. SW8 2HG

Join the Collaborative Business Experience
________________________________________________


-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk
[mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of Jasper
Bryant-Greene
Sent: 31 March 2006 09:11
To: Marcos Agüero
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should
NotFollow

Marcos Agüero wrote:

Michal Zalewski escribió:

On Fri, 31 Mar 2006 michaelslists@gmail.com wrote:


If the website then presents you with the "Logon failed" page, you
are possibly on a legitimate website, so you may proceed with
logging in using your correct credentials. If it gets you right
through - it is definitely a phishing attempt.

Note to self: design my next phishing website to always display
"logon failed".

Just as most of the phishing sites already do.


Really? I thought they somehow magically knew enough about you to sign you
in properly and display all the correct details ;)

Seriously though, it wouldn't be that hard to forward the POST on to the
real bank website, would it?

--
Jasper Bryant-Greene
General Manager
Album Limited

http://www.album.co.nz/     0800 4 ALBUM
jasper@album.co.nz          021 708 334

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

This message contains information that may be privileged or confidential and is 
the property of the Capgemini Group. It is intended only for the person to whom 
it is addressed. If you are not the intended recipient,  you are not authorized 
to read, print, retain, copy, disseminate,  distribute, or use this message or 
any part thereof. If you receive this  message in error, please notify the 
sender immediately and delete all  copies of this message.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • RE: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should NotFollow, Thomson, Ross <=
Previous by Date:  Re: [Full-disclosure] Re: [Owasp-dotnet] RE: 4 Questions: Latest IE vulnerability, Firefox vs IE security, User vs Admin risk profile, and browsers coded in 100% Managed Verifiable code, Joe Ciechanowski
Next by Date:  Re: [Full-disclosure] A Move to Remove, trains
Previous by Thread:  [Full-disclosure] Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit by rgod, Siegfried
Next by Thread:  [Full-disclosure] Doctoral Thesis, pwnd.security.pwnd
Indexes:  [Date] [Thread] [Top] [All Lists]