Network Security: Detailed info on Re: Discovering and Stopping Phishing/Scam Attacks

Subject:	Re: Discovering and Stopping Phishing/Scam Attacks
Date:	Tue, 26 Apr 2005 18:51:19 -0500 (CDT)

Subject:

Re: Discovering and Stopping Phishing/Scam Attacks

Date:

Tue, 26 Apr 2005 18:51:19 -0500 (CDT)

I agree that checking by referer addresses is a powerful way to detect
phishing sites, but such logs can easily be adverted?

Doesn't some anti-popup software remove referer fields?

Simple use of javascript can allow a page to fetch anything without
showing up in referer logs.

While we are on the subject, has anyone come across commercial and/or
government websites being (illegally?) mirrored?

For example, I recently came a website located on a (Asian?) hosting
provider where the content of the website was EXACTLY that of a well-known
US govt website.  (It appeared that they ran the equivalent of a recursive
"wget" on the real site and hosted the files).  It appeared to be several
layers deep.

Why would anyone want to do that?

-Alex


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Discovering and Stopping Phishing/Scam Attacks, steven Re: Discovering and Stopping Phishing/Scam Attacks, Randy Re: Discovering and Stopping Phishing/Scam Attacks, Lode Vermeiren RE: Discovering and Stopping Phishing/Scam Attacks, matt.neeley Re: Discovering and Stopping Phishing/Scam Attacks, byte_jump Re: Discovering and Stopping Phishing/Scam Attacks, Michael J. Pomraning Re: Discovering and Stopping Phishing/Scam Attacks, byte_jump Re: Discovering and Stopping Phishing/Scam Attacks, Crispin Cowan Re: Discovering and Stopping Phishing/Scam Attacks, thomas adams Re: Discovering and Stopping Phishing/Scam Attacks, Alex <= Re: Discovering and Stopping Phishing/Scam Attacks, byte_jump RE: Discovering and Stopping Phishing/Scam Attacks, Thomas Adams Re: Discovering and Stopping Phishing/Scam Attacks, byte_jump RE: Discovering and Stopping Phishing/Scam Attacks, Scovetta, Michael V RE: Discovering and Stopping Phishing/Scam Attacks, Marco A. Zamora Cunningham RE: Discovering and Stopping Phishing/Scam Attacks, Krul Thomas RE: Discovering and Stopping Phishing/Scam Attacks, Calder, James (EXP) RE: Discovering and Stopping Phishing/Scam Attacks, webcenter RE: Discovering and Stopping Phishing/Scam Attacks, Randy RE: Discovering and Stopping Phishing/Scam Attacks, Nuno Costa

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: Discovering and Stopping Phishing/Scam Attacks, Michael J. Pomraning
Next by Date:	Re: Discovering and Stopping Phishing/Scam Attacks, byte_jump
Previous by Thread:	Re: Discovering and Stopping Phishing/Scam Attacks, thomas adams
Next by Thread:	Re: Discovering and Stopping Phishing/Scam Attacks, byte_jump
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: Discovering and Stopping Phishing/Scam Attacks, Michael J. Pomraning

Next by Date:

Re: Discovering and Stopping Phishing/Scam Attacks, byte_jump

Previous by Thread:

Re: Discovering and Stopping Phishing/Scam Attacks, thomas adams

Next by Thread:

Re: Discovering and Stopping Phishing/Scam Attacks, byte_jump

Indexes:

[Date] [Thread] [Top] [All Lists]