mailing list archives
Re: Phishing and Spammers
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 15 Jun 2006 12:17:27 +1200
Michael Weinert to Cardoso:
A simple SQL query can delete all records from the same IP/machine, if
the counter is above 2.
You think most (some?) spammers use SQL servers to store their stolen
I've only ever seen scripted Email, other folks' formmail and plain
text file on the hosting server...
Ha, you think phisher are that smart? I for myself hit the button
only once with fake credentials from my dynamic IP.
If everybody does it... Well...
Well, more phishers will implement LUHN checks and other more advanced
forms of sanity checking we already occasionally see to weed out the
fakers. The truly dumb phishers will lose out for a while, then
someone smarter who'd rather not get caught for phishing-type fraud
will make a kit that does the smart stuff the smart phishers have been
doing for a while and make a bundle selling this kit to the dumb
phishers who want to get back into the business...
Ohhh, and I believe there are already commercial operations that offer
distributed, automated fake form-stuffing (among other things) as part
of their "anti-phishing" services (and some of them may have filed
patents on (variations of) this idea).
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
Re: Phishing and Spammers Dave King (Jun 15)