Home page logo

pen-test logo Penetration Testing mailing list archives

Outlook catching Phishing Emails
From: One2 () onetwo com
Date: 28 Aug 2006 06:53:59 -0000

Hi All,

Just trying to do a phishing attack for a client where we spoof an internal email address and convince their employees 
to login to a fake website via a sneaky link.

Usually this is quite easy, however, this time I have hit the Microsoft security patch for Outlook 2003. This allows 
Outlook to check for phishy emails, and automatically shows the underlying links by changing from HTML to Text view.

The emails are now also ending up in the Junk E-mail folder, rather than the Inbox.

Does anyone know how I can get around Outlook detecting this email as phishy, or revealing the link? Maybe by encoding 
characters or something. 

Also, please assume that I don't have access to the user's Outlook to change their settings manually.


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
  • Outlook catching Phishing Emails One2 (Aug 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]