2015 Feb 18, 6:40
2009 Sep 30, 4:07The hashing part makes sense, but not the 'why no URL query' bit: "But because victim=12345 has already been visited they satisfy condition 2 and they get the 404 page fooling them into
thinking the site has already been taken down. So query strings don't really work." You could implement the same thing in the path and even were that not the case there's no telling that
removing the query would get you the same page. What's described here is a general method to circumvent the AP filter not an explaination as to why it avoids the query portion of the URL.
phishing technical web browser http url hash 2008 Aug 27, 11:36
Internet Explorer 8 Beta 2 is now available! Some of the new features from this release that I really enjoy are Tab Grouping, the new address-bar, and InPrivate Subscriptions.
Tab Grouping groups tabs that are opened from the same page. For example, on a Google search results page if you open the first two links the two new tabs will be grouped with the Google search
results page. If you close one of the tabs in that group focus goes to another tab in that group. Its small, but I really enjoy this feature and without knowing exactly what I wanted while using
IE7 and FF2 I knew I wanted something like this. Plus the colors for the tab groups are pretty!
The new address bar and search box makes life much easier by searching through my browsing history for whatever I'm typing in. Other things are searched besides history but since I ignore favorites
and use Delicious I mostly care about history. At any rate its one of the things that makes it impossible for me to go machines running IE7.
InPrivate Subscriptions allows you to subscribe to a feed of URLs from which IE should not download content. This is intended for avoiding sites that track you across websites and could sell or
share your personal information, but this feature could be used for anything where the goal is to avoid a set of URLs. For example, phishing, malware sites, ad blocking, etc. etc. I think there's
some interesting uses for this feature that we have yet to see.
Anyway, we're another release closer to the final IE8 and I can relax a little more.
microsoft browser technical ie8 ie 2008 Jan 24, 8:55A software kit for phishers that, unknown to the phisher, messages any stolen info back to the originators of the kit.
fraud article phishing 2007 Jun 21, 2:38Unspun is a social list creation website from Amazon. For instance, you could create a list named '
Most Desired Features for Next Version of Internet Explorer' and users of Unspun fill in and
rank the answers. There's a mix of serious answers that are excellent suggestions, fan-boy answers that are lame, uninformed answers that are already implemented, and hilarious answers that are
awesome. The following is the very short unsorted list of the awesome suggestions.
-
Innovative Anti-Phreaking Technology
-
Given the work done in IE7 on anti-phishing, subsequent work on anti-phreaking just makes sense.
-
AXELROD 2.8 Acceleration with XML Bindings
-
I'm not sure what AXELROD 2.8 is but accelerating it sounds good. Also I enjoy binding things to XML so...
-
Larger Buttons for My Mighty Fingers
-
For maximum humor this should be read by Richard Horvitz as Zim of Invader Zim. This
one makes me laugh every time I read it.
amazon personal ie humor nontechnical 2007 Jan 26, 6:43Usability study of phishing attacks and browser antiphishing defenses
security browser phishing paper ie7 2004 Aug 19, 2:52I received an email from verification@citibank.com the other day with the subject "Fraud Check Verification". Or at least that's what someone at the jumphk2.net domain would have me believe. The
whole official looking email was very convincing at first glance. There's the Citibank logo image up in the left corner, the reassuring TrustE image in the opposite corner, and just the right amount
of legal-ese on the bottom. The text requested me to follow a link in the email to update and verify my information. At closer examination however it becomes apparent that this is a scam. Little
things start to catch your eye. The TrustE image is hosted on ebay and the Citibank logo is hosted at 65.108.92.50. Both images one might expect to be hosted on Citibank's site. The link in the email
looks like its taking you to https://www.citibank.com/saw-cgi/citibankISAPI.dll?PlaceCCInfo but in fact its taking you to a page hosted at 65.108.92.50 again. The following sentence appears in the
email:
If your account information is not updated within 48 hours then your ability to sell or bid on Citibank will become restricted.
Oh shit! My bid on Citibank might not go through! Seriously, they might have gone to a little more effort than just copying and pasting a scam letter meant for EBay. And the number one fact
revealing the email for what it is -- I don't have a Citibank account. I had received an email exactly like this several months ago and just deleted it, but for some reason, perhaps I was in a foul
mood, I decided to do something this time around. I emailed abuse at my domain, the ISP controlling their IP address, and Citibank. My domain told me there was nothing they could do. Citibank has yet
to respond. As for their ISP, the following day I received an email from Leon at Alabanza's Abuse department informing me:
This account has been locked down and is now on schedule for deletion. If we can further assist you please let us know.
Fuck yeah! This was a lot better than anything I had expected. I anticipated no response from any of the letters I sent. The page is gone now. Leon rocks!
PowerShell: Better phishing for all! 
Some rights reserved