[LINK] ICANN phishing
Craig Sanders
cas at taz.net.au
Fri Oct 27 17:20:46 AEST 2006
On Fri, Oct 27, 2006 at 04:58:33PM +1000, Richard Chirgwin wrote:
> Kim Holburn wrote:
> >
> >On 2006 Oct 27, at 3:57 PM, Richard Chirgwin wrote:
> >
> >>And the headers say?
> >
> >As you can see it's not really conclusive (I've changed my info).
> >
> >Received: from netsol.outbound.ed10.com (netsol.outbound.ed10.com
> >[64.14.81.242])
>
> Is e10 a registrar? Because it has, on the face of it, nothing to do
> with Network Solutions, the purported source of the e-mail. I would say
> a message claiming to be from Network Solutions, but actually coming
> from a company called e-Dialog, and asking for "enter your password", is
> conclusive enough to be counted as phishing.
also, according to whois, the whois record for ed10.com was last updated
today (27-Oct-2006 03:15:02 EDT). this is a pretty good indicator that
the domain recently expired and was snapped up by a spammer/phisher
before the actual domain owner noticed.
in any case, never click on a link in an email. always type it into
the location bar or use your browser's bookmark feature.
better yet, don't use a HTML capable mail client. that way you can't
make a mistake and click on a link, you have to either cut and paste the
url or type it in. and you get to avoid HTML image spam too.
craig
--
craig sanders <cas at taz.net.au> (part time cyborg)
More information about the Link
mailing list