[SGVLUG] Social engineering done right...
matti
mathew_2000 at yahoo.com
Thu Mar 16 11:37:04 PST 2006
Hi,
> Seems to me that there are probably three possibilities, in order of
> probability:
>
> 1) The owner of postcards.org is doing this scam
> 2) The system that hosts postcards.org is compromised and someone
> thought it'd be a good way to scam people
> 3) An insider @ ServePath configured the domain/system this way with
> or without permission.
4) Adjacent system compromised (tom pointed this possibility out iirc)
fyi - there also are various ways to attack DNS servers
and host tables...
google search brings up a few interesting notes:
(searched on: postcards.org spyware)
http://www.dynamoo.com/diary/postcards-org.htm
spammuseum.co.uk had what appeared to be your
exact server name "www2" but unfortunately
the original page isnt available (google
cache however does show it.)
in fact postcards themselves explain a bit:
http://www.postcards.org/postcards/special/aunt_edna_virus.html
looks like postcards.org are really pissed off:
"And if you happen to hit him with a fast-moving car,
we'll won't be displeased."
best
matti
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the SGVLUG
mailing list