[TAG] [lgang] Paypal spam
Benjamin A. Okopnik
ben at linuxgazette.net
Fri Feb 16 07:51:48 MSK 2007
[ Mike, I assume you actually wanted this in TAG instead of Lgang? ]
On Mon, Feb 12, 2007 at 08:39:20PM -0800, Mike Orr wrote:
> Another twist on the Paypal phishing scam.
>
> http://sluggo.scrapping.cc/tmp/cartoon-paypal-fraud-part1.png
> http://sluggo.scrapping.cc/tmp/cartoon-paypal-fraud-part2.png
Love that URL in part 2. Freakin' "0xc8.0x2b.0x50.0x74"? You'd
think that anyone dumb enough to just click on URLs in these "bank"
emails has already been stripped to the bone by sharks, but a) it
doesn't kill them off, and 2) There's One Born Every Minute. I guess the
spammers and the scammers will never run out of "soft targets".
Just for fun:
``
ben at Fenrir:~$ perl -wle'print join ".", map hex, "0xc8.0x2b.0x50.0x74" =~ /0x(..)/g'
200.43.80.116
ben at Fenrir:~$ whois 200.43.80.116|egrep '^[a-z-]+:'
inetnum: 200.43.80.112/28
status: reallocated
owner: Coop.Telef?ica de Villa del Totoral Ltda.
ownerid: AR-CVTL-LACNIC
responsible: Carlos Sanchez
address: Pte.Per?, 551,
address: 5236 - Villa del Totoral (Cordoba) -
country: AR
phone: +54 3524 647574 []
owner-c: CRS3
tech-c: CRS3
created: 20040420
changed: 20040420
inetnum-up: 200.43/16
nic-hdl: CRS3
person: Carlos R. Sanchez
e-mail: csanchez24 at COOPTOTORAL.COM.AR
address: Pte Peron 551, 0054, 3524470900
address: 5236 - Villa del Totoral -
country: AR
phone: +0054 3524 470900 [470000]
created: 20040213
changed: 20040213
''
Ah, a default install of RHEL that got cracked. I'm feeling a bit too
lazy to ping the admin myself... it would be like sweeping back the
tide.
--
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *
More information about the TAG
mailing list