Disscecting a phish: almost too cleverhttps://stvrly.wordpress.com/2010/08/11/disscecting-a-phish-almost-too-clever/Admin Note: Article no longer available.
By Steve Riley, 11 August 2010
Recently a customer forwarded a phishing email he received. It was pretty close to the usual: claims of too many failed logins necessarily requires account suspension pending verification. This one had a curious twist: rather than encouraging the victim to click a malicious link, the email included an attachment. Not just any attachment, mind you, but an HTML form the victim was instructed to open in his web browser. The attacker did a decent job spoofing the Amazon look and feel–he pulled CSS directly from our site.
« Last Edit: October 15, 2011, 06:48:53 AM by Bugbatter »
Microsoft Consumer Security MVP, July 2007-June 2010
"Fight your fights, find the grace in all the things that you can't change and help somebody, if you can." Van ZantA Beacon of Light