Looking at the Crackpal.com Phishing-For-Hire Scheme
Yesterday, I took a lighthearted look at some of the Google searches people have used to arrive at this site. I saved one of them for today, however, because it was enough fun to warrant its own post. That search query is:
crackpal.com review
Well, I suppose I can give that a try.
What is crackpal.com? It’s a [...]
Scammer edits Wikipedia entry on Advance fee fraud
Last night, I received a phishing email wanting my university email account information. Whenever I’m picking through email headers, or any other kind of network forensics, I find it useful to punch the IP addresses I find into Google. You can often build a good image of what that particular system or network is used [...]
“Import email addresses” Considered Harmful
I’ve posted about this before, regarding Twitter’s signup process, although Facebook’s signup process is probably the most well-known example. Now, I see it on Slideshare. For future reference, when you see this:
Please do this:
I’m sure most of my readers can imagine what a bad idea it is to hand their email password over [...]
Dissecting the crackmails.net Phishing-For-Hire Scheme
A week ago on the BinRev forums, a link was posted to a site that advertised the ability of the owners to hack any web-based email account. The link was to crackmails.net, however the same site was also available at yourhackers.net and hackpasswords.net (and perhaps more). The cost of this service was $100 [...]
Reading employee mail after they’re long gone…
I’ve neglected this blog a little bit for the past few days while I’ve been playing with my new toy (a Cingular 8125, basically a re-branded HTC Wizard). I should be back soon, with a neat post or two about the sort of tools a security geek might want on his or her Windows [...]