[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OT - AIM] Disguised URL's In AIM's and Counterfeit PayPalEmails

Subject: [OT - AIM] Disguised URL's In AIM's and Counterfeit PayPalEmails
From: patrick.bureau at gmail.com (Patrick Bureau)
Date: Wed Jan 18 13:34:55 2006
In-reply-to: <4e2d8ff80601181112x3da27deakc1add64dd2d0a5a3@mail.gmail.com>

Well it was issue early jan 2006... 
You can check your system has it installed by going to control panel -
add remove programs - click the show updates and scroll down the list
to you OS windows updates... Mine was update on 1-6-2006.. :)
 


----
Patrick Bureau - patrick.bureau@gmail.com 

-----Original Message-----
From: scirocco-l-bounces+patrick.bureau=gmail.com@scirocco.org
[mailto:scirocco-l-bounces+patrick.bureau=gmail.com@scirocco.org] On
Behalf Of Roger concha
Sent: Wednesday, January 18, 2006 1:12 PM
To: Mtl-Marc
Cc: Scirocco list
Subject: Re: [OT - AIM] Disguised URL's In AIM's and Counterfeit
PayPalEmails

funny that we are talking about this today, and we had a whole bunch
of users get hit today at work.

On 1/18/06, Mtl-Marc <marc_scirocco@sympatico.ca> wrote:
> IIRC, pif ==> Program Information File.
>
> The info it needs to execute the exe
>
> Cheers
>
> Marc
>
> >
> > well the pif is just a shortcut to the actual executable
> >
> > On 1/18/06, Allyn <amalventano1@tds.net> wrote:
> > > That may be the windows metafile exploit, but I hadnt seen one 
> > > disguised
> > as a
> > > .pif, nor did I think it could work if it was opened as such.
> > >
> > > For those who don't know about this:
> > > http://www.microsoft.com/technet/security/advisory/912840.mspx
> > > And the patch is available here:
> > > http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx
> > > HTH
> > > Al
> > >
> > > > -----Original Message-----
> > > > From: scirocco-l-bounces+amalventano1=tds.net@scirocco.org
> > > > [mailto:scirocco-l-bounces+amalventano1=tds.net@scirocco.org]
> > > > On Behalf Of Peter
> > > > Sent: Wednesday, January 18, 2006 2:57 AM
> > > > To: 'Scirocco list'
> > > > Subject: [OT - AIM] Disguised URL's In AIM's and Counterfeit
Pay 
> > > > Pal Emails
> > > >
> > > > Check this AIM message out, and it's happened several times 
> > > > before, from other unknown senders:
> > > >
> > > > vwdubnut85:  should i put these pictures of us on myspace or 
> > > > facebook?
> > > > http://photobucket.com/NewPictures/pic20.jpg
> > > >
> > > > thesciroccocom: Nice try:
> > > > http://download.pinkiespalace.net/picture01.pif
> > > >
> > > > I clicked to show the hyperlink, and this is what the
seemingly 
> > > > harmless photobucket URL actually is:
> > > > http://download.pinkiespalace.net/picture01.pif
> > > >
> > > > This is probably nothing, but when the url is disguised, it 
> > > > makes me suspicious.
> > > > In the past .jpg's have turned into .exe's and so on.
> > > >
> > > > This is also really common with all the Pay Pal spoofs; 
> > > > [mailto:spoof@paypal.com]
> > > >
> > > >
> > > > Peter
> > > > http://thescirocco.com/
> > > >
> > > > Please! Include the previous text in your reply...
> > > >
> > > >
>
>

_______________________________________________
Scirocco-l mailing list
Scirocco-l@scirocco.org
http://neubayern.net/mailman/listinfo/scirocco-l

Follow-Ups:
- [OT - AIM] Disguised URL's In AIM's and Counterfeit PayPalEmails
  - From: desinor at sympatico.ca (Jean-Claude Desinor)

References:
- [OT - AIM] Disguised URL's In AIM's and Counterfeit Pay PalEmails
  - From: rogercv1 at gmail.com (Roger concha)

Prev by Date: [OT - AIM] Disguised URL's In AIM's and Counterfeit Pay PalEmails
Next by Date: FS Artic White 16v in CT Not Mine
Previous by thread: [OT - AIM] Disguised URL's In AIM's and Counterfeit Pay PalEmails
Next by thread: [OT - AIM] Disguised URL's In AIM's and Counterfeit PayPalEmails
Index(es):
- Date
- Thread