anyedie Posted October 5, 2007 Share Posted October 5, 2007 I get phishing e-mails on one of my e-mail accounts pretty regularly. Most of the time they get deleted quickly, but sometimes I get curious and check them out. I look at where the link is pointing, how it works, and usually run a little enumeration on the server. What I have noticed is that most of the phishing e-mails have one main thing in common: they are either on or re-directed off some innocuous server. One looked like a Spanish frat boy site, the other a Chinese business solutions site (or something like that). The most recent one I received though was redirected off what appears to be a old server some guy in the east (USA) put up in the 2004 as a personal blog and then goes to another server which seems kind of like a legitimate business website. (although come to think of it, i think it was a Chinese website yesterday...) In any case, my questions is: What are the chances that the blog guy knows that his site is being used to redirect people to a phishing site? Should I send e-mails to these sites admins telling them about this? Are phishing website actually against the law is the US? (possibly why mine are usually redirected to another country?) If these sites are obvious fronts strictly to run phishing scams, could one make an argument for ethical hacking? Also, not sure if I should do this, if not Mods please delete. But I will include the link I was sent (well, where it was pointing) hxxp://www.fuerst-of-all.com/images/boa.html (Edit - Moonlit: Careful with this link, I x'd out the http so no-one clicks it by accident, be aware that this link may not be safe.) the fuerst-of-all.com is the blog site and the boa.html is the redirect thanks! :-P Edit: DNSStuff.com is now asking for paid memberships, does anyone know a similar free site I cant find a good one. :-( Quote Link to comment Share on other sites More sharing options...
DLSS Posted October 5, 2007 Share Posted October 5, 2007 seeing the page is in his image directory, i'm guessing at one point he had a badly coded image upload script or something that got exploited, shelled, and some of these pages put up, so i doubt he kno's about it ... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.