Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Phishing and Spammers
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 15 Jun 2006 12:17:27 +1200

Michael Weinert to Cardoso:

A simple SQL query can delete all records from the same IP/machine, if
the counter is above 2.

You think most (some?) spammers use SQL servers to store their stolen 
identity data?

I've only ever seen scripted Email, other folks' formmail and plain 
text file on the hosting server...

Ha, you think phisher are that smart? I for myself hit the button
only once with fake credentials from my dynamic IP.
If everybody does it... Well...

Well, more phishers will implement LUHN checks and other more advanced 
forms of sanity checking we already occasionally see to weed out the 
fakers.  The truly dumb phishers will lose out for a while, then 
someone smarter who'd rather not get caught for phishing-type fraud 
will make a kit that does the smart stuff the smart phishers have been 
doing for a while and make a bundle selling this kit to the dumb 
phishers who want to get back into the business...

Ohhh, and I believe there are already commercial operations that offer 
distributed, automated fake form-stuffing (among other things) as part 
of their "anti-phishing" services (and some of them may have filed 
patents on (variations of) this idea).


Nick FitzGerald

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]