[Pauldotcom] phishing question
Bert Van Kets
mailing at vankets.com
Fri Dec 4 08:16:09 UTC 2009
Isn't is easier to use a proxy or packet trace and see where the
requests go to?
You are not really after the code itself, just the locations in the
requests.
Just my $0.02
Bert
Chris Blazek wrote:
> A coworker clicked on a link in an email and was directed to facebook
> then redirected to the following site: despatiesmercemerce . blogspot
> . com
> All of there fb contacts then received the same email. I pulled up the
> site in malzilla and noticed a script block in the header that looks
> like it's obfuscated.
>
> I was wondering if someone in the group could figure out what the site
> was trying to do.
>
> Thanks,
> Chris
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
More information about the Pauldotcom
mailing list