[LINK] ICANN phishing

Craig Sanders cas at taz.net.au
Fri Oct 27 17:20:46 AEST 2006

On Fri, Oct 27, 2006 at 04:58:33PM +1000, Richard Chirgwin wrote:
> Kim Holburn wrote:
> >
> >On 2006 Oct 27, at 3:57 PM, Richard Chirgwin wrote:
> >
> >>And the headers say?
> >
> >As you can see it's not really conclusive (I've changed my info).
> >
> >Received: from netsol.outbound.ed10.com (netsol.outbound.ed10.com 
> >[])
> Is e10 a registrar? Because it has, on the face of it, nothing to do 
> with Network Solutions, the purported source of the e-mail. I would say 
> a message claiming to be from Network Solutions, but actually coming 
> from a company called e-Dialog, and asking for "enter your password", is 
> conclusive enough to be counted as phishing.

also, according to whois, the whois record for ed10.com was last updated
today (27-Oct-2006 03:15:02 EDT). this is a pretty good indicator that
the domain recently expired and was snapped up by a spammer/phisher
before the actual domain owner noticed.

in any case, never click on a link in an email.  always type it into 
the location bar or use your browser's bookmark feature.

better yet, don't use a HTML capable mail client. that way you can't
make a mistake and click on a link, you have to either cut and paste the
url or type it in. and you get to avoid HTML image spam too.


craig sanders <cas at taz.net.au>           (part time cyborg)

More information about the Link mailing list