The *worst* phish I have ever seen

The worst phish I have ever seen

What an amusing way to start the day – errors galore!

Let’s look at where the “EFTPS” URL takes you.

Page content:

eftpsid0343233.ru
ICANN Registrar: REGRU
Created 14 October 2010

IP: 178.63.173.126 - Fasttelecommunications Incorporated

ns1.freedns.ws
ns1.xname.org
ns2.freedns.ws
ns2.xname.org

Registrant: babkins@pochtamt.ru

The IP range is known to be problematic, having been host to everything from fake antivirus to trojans, exploits and an exploit kits (and a bot for variety):

http://www.malwaredomainlist.com/mdl.php?search=178.63.173&colsearch=All&quantity=50

Published Tue, Oct 19 2010 9:51 by sandi

Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits

Comments

# re: The worst phish I have ever seen

Wednesday, October 20, 2010 11:48 AM by Barry

Note that all of the "typos" involve switching two letters out of their proper order. This is likely not a true typo, but a measure to help the e-mail evade spam filters.

Spyware Sucks

Blog Recent Posts

Syndication

Search

News

Blog Archive List

Tag Cloud

The worst phish I have ever seen

Comments

# re: The worst phish I have ever seen

Spyware Sucks

Blog Recent Posts

Syndication

Search

News

Blog Archive List

Tag Cloud

The *worst* phish I have ever seen

Comments

# re: The *worst* phish I have ever seen

The worst phish I have ever seen

# re: The worst phish I have ever seen