[LINK] PayPal phishing scam - is this a domain hijack
rick at praxis.com.au
Fri Jan 19 16:25:15 AEDT 2007
Rick Welykochy wrote:
> If an attacked can change the hosts file on a victim's computer (!)
Of course, I meant "attacker" not "attacked".
> they can get them to use an ersatz website, e.g.
> 22.214.171.124 online.westpac.com.au
I just tried a fake https://online.westpac.com.au/ and it
worked. Using a local hosts file change. The cert warning
came up but I ignored it. Frightening stuff when you realise
there are millions of Windows boxes out there jsut waiting
for their hosts file to be silently modified.
Rick Welykochy || Praxis Services
The 7 R's of Windows support: retry, restart, reboot, reconfigure,
reinstall, reformat and finally, replace with Linux.
More information about the Link