[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[OT - AIM] Disguised URL's In AIM's and Counterfeit Pay Pal Emails
That may be the windows metafile exploit, but I hadnt seen one disguised as a
.pif, nor did I think it could work if it was opened as such.
For those who don't know about this:
http://www.microsoft.com/technet/security/advisory/912840.mspx
And the patch is available here:
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx
HTH
Al
> -----Original Message-----
> From: scirocco-l-bounces+amalventano1=tds.net@scirocco.org
> [mailto:scirocco-l-bounces+amalventano1=tds.net@scirocco.org]
> On Behalf Of Peter
> Sent: Wednesday, January 18, 2006 2:57 AM
> To: 'Scirocco list'
> Subject: [OT - AIM] Disguised URL's In AIM's and Counterfeit
> Pay Pal Emails
>
> Check this AIM message out, and it's happened several times
> before, from other unknown senders:
>
> vwdubnut85: should i put these pictures of us on myspace or
> facebook?
> http://photobucket.com/NewPictures/pic20.jpg
>
> thesciroccocom: Nice try:
> http://download.pinkiespalace.net/picture01.pif
>
> I clicked to show the hyperlink, and this is what the
> seemingly harmless photobucket URL actually is:
> http://download.pinkiespalace.net/picture01.pif
>
> This is probably nothing, but when the url is disguised, it
> makes me suspicious.
> In the past .jpg's have turned into .exe's and so on.
>
> This is also really common with all the Pay Pal spoofs;
> [mailto:spoof@paypal.com]
>
>
> Peter
> http://thescirocco.com/
>
> Please! Include the previous text in your reply...
>
>
>
>
>
> _______________________________________________
> Scirocco-l mailing list
> Scirocco-l@scirocco.org
> http://neubayern.net/mailman/listinfo/scirocco-l