[TAG] [lgang] Paypal spam
Benjamin A. Okopnik
ben at linuxgazette.net
Fri Feb 16 07:51:48 MSK 2007
[ Mike, I assume you actually wanted this in TAG instead of Lgang? ]
On Mon, Feb 12, 2007 at 08:39:20PM -0800, Mike Orr wrote:
> Another twist on the Paypal phishing scam.
Love that URL in part 2. Freakin' "0xc8.0x2b.0x50.0x74"? You'd
think that anyone dumb enough to just click on URLs in these "bank"
emails has already been stripped to the bone by sharks, but a) it
doesn't kill them off, and 2) There's One Born Every Minute. I guess the
spammers and the scammers will never run out of "soft targets".
Just for fun:
ben at Fenrir:~$ perl -wle'print join ".", map hex, "0xc8.0x2b.0x50.0x74" =~ /0x(..)/g'
ben at Fenrir:~$ whois 220.127.116.11|egrep '^[a-z-]+:'
owner: Coop.Telef?ica de Villa del Totoral Ltda.
responsible: Carlos Sanchez
address: Pte.Per?, 551,
address: 5236 - Villa del Totoral (Cordoba) -
phone: +54 3524 647574 
person: Carlos R. Sanchez
e-mail: csanchez24 at COOPTOTORAL.COM.AR
address: Pte Peron 551, 0054, 3524470900
address: 5236 - Villa del Totoral -
phone: +0054 3524 470900 
Ah, a default install of RHEL that got cracked. I'm feeling a bit too
lazy to ping the admin myself... it would be like sweeping back the
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *
More information about the TAG