Re: [WEB SECURITY] Google Redirect URL actively used for Phishing

["Brian Eaton" <eaton.lists@xxxxxxxxx>]

On 8/22/06, Collin Jackson <collinj@xxxxxxxxxxxxxxx> wrote:
> This is not new. I've seen phishing sites using this technique for over a year.

I'd like to take a careful look at when new phishing techniques
appear, and how long they persist.  Techniques that don't succeed in
fooling users will probably go away.  Techniques that tip off spam
filters will probably go away.  Techniques that turn out to be
effective will persist, at least until somebody figures out how to
block those techniques.  Oddly enough, using proper spelling doesn't
appear to be a requirement for a phishing e-mail to be successful,
since the phishing gangs still haven't started using spell checkers.
I'm waiting to see whether that citibusiness web site with the
two-factor auth gets phished again.  Maybe 2FA made that phishing run
uneconomical?

If bouncing redirects through trusted domain names has been going on
for over a year, it must be a useful technique to fool people into
clicking on links.  Maybe it's time for those well-known domains to
step up and remove those redirectors?

Regards,
Brian

----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]