[LINK] PayPal phishing scam - is this a domain hijack

Adam Todd link at todd.inoz.com
Fri Jan 19 23:11:17 AEDT 2007

You forgot Integer Number URL's (discussed on link about 7 years ago).

can't be bothered working out an example, but dnsstuff.com will do them for 

At 08:47 PM 19/01/2007, Kim Holburn wrote:
>>LINK: http://www1.paypal.com.cgi-bin.verify- 
>There are many many ways to obfuscate the url.  This is one of the
>simpler ones.  You could use tinyurl.  You can use urls like these
>and combine different schemes but most people don't even check the
>host name and why should they have to?
>There's also language encoding of dns names, like unicode, utf, etc
>Then there's the link text if it's an html email.
>I've seen phishing sites that almost immediately redirect you through
>to the real website with a special bit of javascript added in.

More information about the Link mailing list