Phishers Use Wildcard DNS to Build Convincing Bait URLs - Spamfo


From Across the Pond, written by Andrew Robinson over at Spamfo:

Phishing operations have begun using DNS wildcards and URL encoding to create email links that display the URLs of legitimate banking sites, but send victims to spoof sites designed to steal their login details. This may sound familiar as it is not unlike the eBay phishing bug on which Aunty reported just yesterday.

A wildcard DNS record (*.example.com) will resolve all requests that are not matched by any other record. Wildcards are typically used to manage errant or mistyped e-mail addresses, but have been routinely abused by spammers.

In recent weeks wildcard DNS settings have been used in a wave of phishing attacks on Barclays Bank, in which the “bait” email included URLs starting with barclays.co.uk, followed by a lengthy sequence of letters and symbols. Several examples:

http://barclays.co.uk|snc9d8ynusktl2wpqxzn1anes89gi8z.dvdlinKs.at/pgcgc3p/
http://barclays.co.uk|YJ3EMOHOqljQ8J5oW2ZKyTaRMQOahSWaxTrFTEQK9l9VVQj6jDtyq10d24r2h0bijh2
http://barclays.co.uk|34fdcb4rvdnp9phxbahhvbs6l56a2uyx%2edivxmovies%2ea%74/41pvaw3/

The phishers use…

Read more at Phishers Use Wildcard DNS to Build Convincing Bait URLs - Spamfo
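A defender-side check for the bait links quoted above, added here as an example (it is not code from Spamfo or this site): it percent-decodes the host part of a link and reports the domain that actually controls the name. The function names, the finding labels and the one-entry suffix set are assumptions made for illustration; a real filter would use the full Public Suffix List.

```python
import re
from urllib.parse import unquote

BRANDS = {"barclays.co.uk"}      # the domain the bait URLs in the article imitate
TWO_LABEL_SUFFIXES = {"co.uk"}   # assumption: tiny stand-in for the Public Suffix List

# Two bait URLs quoted in the article, plus one constructed legitimate link.
SAMPLES = [
    "http://barclays.co.uk|snc9d8ynusktl2wpqxzn1anes89gi8z.dvdlinKs.at/pgcgc3p/",
    "http://barclays.co.uk|34fdcb4rvdnp9phxbahhvbs6l56a2uyx%2edivxmovies%2ea%74/41pvaw3/",
    "http://www.barclays.co.uk/login",  # constructed
]

def raw_authority(url):
    """Everything between '//' and the first '/', '?' or '#', exactly as written."""
    m = re.match(r"https?://([^/?#]*)", url, re.IGNORECASE)
    return m.group(1) if m else None

def decoded_host(authority):
    """Percent-decode and lower-case the authority; drop userinfo and port."""
    host = unquote(authority).lower().rsplit("@", 1)[-1]
    return re.sub(r":\d*$", "", host)

def registrable_domain(host):
    """Rightmost labels that identify who controls the name."""
    labels = host.split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])

def inspect_link(url):
    """Return (registrable domain, findings) for one link taken from an email."""
    authority = raw_authority(url)
    if authority is None:
        return None, ["not an http(s) URL"]
    host = decoded_host(authority)
    domain = registrable_domain(host)
    findings = []
    if "%" in authority:
        findings.append("percent-encoded host")
    if re.search(r"[^a-z0-9.-]", host):
        findings.append("characters not valid in a hostname")
    if domain not in BRANDS and any(host.startswith(b) for b in BRANDS):
        findings.append("brand name used as prefix of another domain")
    return domain, findings

if __name__ == "__main__":
    for url in SAMPLES:
        print(inspect_link(url), url)
```

Any one of the three findings is enough to quarantine a message that claims to come from the bank, since a legitimate link needs neither an encoded host nor a brand name glued onto someone else's domain.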

 This article first appeared on 3/7/2005
The Internet Patrol
Patrolling the Internet for You!