Phishers Use Wildcard DNS to Build Convincing Bait URLs - Spamfo - 1,654 Views,

Summary: From Across the Pond, written by Andrew Robinson over at Spamfo: Phishing operations have begun using DNS wildcards and URL encoding to create email links that display the URLs of legitimate banking sites, but send victims to spoof sites designed to steal their ...

Previous Article « VOIP + Net Smart Devices = Voipullar Phones
Read Next Article » T-Mobile Sidekick in no Danger as Network Outage Frustrates Customers

Follow Anne on Twitter

From Across the Pond, written by Andrew Robinson over at Spamfo:

Phishing operations have begun using DNS wildcards and URL encoding to create email links that display the URLs of legitimate banking sites, but send victims to spoof sites designed to steal their login details. This may sound familiar as it is not unlike the eBay phishing bug on which Aunty reported just yesterday.

A wildcard DNS record (*.example.com) will resolve all requests that are not matched by any other record. Wildcards are typically used to manage errant or mistyped e-mail addresses, but have been routinely abused by spammers.

In recent weeks wildcard DNS settings have been used in a wave of phishing attacks on Barclays Bank, in which the “bait” email included URLs starting with barclays.co.uk, followed by a lengthy sequence of letters and symbols. Several examples:

http://barclays.co.uk|snc9d8ynusktl2wpqxzn1anes89gi8z.dvdlinKs.at/pgcgc3p/
http://barclays.co.uk|YJ3EMOHOqljQ8J5oW2ZKyTaRMQOahSWaxTrFTEQK9l9VVQj6jDtyq10d24r2h0bijh2
http://barclays.co.uk|34fdcb4rvdnp9phxbahhvbs6l56a2uyx%2edivxmovies%2ea%74/41pvaw3/

The phishers use…

Phishers Use Wildcard DNS to Build Convincing Bait URLs - Spamfo

Follow Anne on Twitter

Twitter Explained in Plain English

Previous Article « VOIP + Net Smart Devices = Voipullar Phones
Read Next Article » T-Mobile Sidekick in no Danger as Network Outage Frustrates Customers

» Man Jailed Over Sick Tsunami Email Hoax

» Phishing at Blackpool: Man Arrested

» Vigilante spam software costs money

For additional similar stories check out our archives on Phishing

NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.

No Comments »

No comments yet.

RSS feed for comments on this post.

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!
If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.
Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This article first appeared on 3/7/2005

About

About TIP

About Anne

Follow Anne On:

Twitter
Linked In
Facebook

*Twitter Explained in Plain English

Search
Categories

Recent Comments to Our Articles

Sue Burke: I had an order almost finished on Nov. 7, 2009 @ 1:10 PM and your internet server went down and I didn't get the order read

Katy: When you enter into a marriage, it is you and another person promising to stay faithful and be with just you for the rest of read

Allen MacCannell: I love the dry wit - ability to call in during normal business hours. :-) read

Tara: I wanted to join the Ft Myers FLA Freecycle group and when I applied I was refused membership and told to change my screen name read

Susan: Michael, thank you and I am so sorry about your mother. I will follow up all I can to bring some kind of justice. read

krishnappa: hi,me krishnappa malali my cellphone n73 was stolen plez findout and contect me on this no 9738224672 read

DAWNE RIVERS: THIS IS BULL.....I HAVE HAD NOTHING BUT TROUBLES WITH THIS PIECE OF S*** PHONE! IM SOOO OVER IT T MOBILE NEEDS TO REIMBURSE IT CUSTOMER read

Lessy: Yes, easy way. But darn, I wish the developers would have thought about showing SUBFOLDERS in the lists, too. When you have 200 sounds on your read

Michael: Dear Susan Simon #48 my Mother has suffered the same as your Father and was the same age when this happened.At least your Father has read

richard: I got sms on my mobile that i have won 250,000 dollars on that cococola add i get very excited but when i reply i read

andrew: some idiot went through my bag at school and stole my $300 dollar cell phone how do i track it down so i can beat read

MC: Wire tapping can be considered a Federal Crime, unless it is your Employer's Company policy, your significant other, and *maybe* some other possibilities. read

Bill: It's bad enough that Microsoft rips most of it's GUI ideas from Apple, but store employees? At least it's good to know that Microsoft is not read

Bill: @g-man - It's always been an unwritten rule that you can copy to, but never copy from an iPod. You should have burned your music read

dill: 300 crate & barell for sale read

Get a FREE summary of the week's articles by email every Friday!
We NEVER share your email address, and you can stop them any time!

Be sure to watch for the confirmation email!

Search

Get a FREE summary of the week's articles by email every Friday!
We NEVER share your email address, and you can stop them any time!

Be sure to watch for the confirmation email!