[Web4lib] Phishing exploits in emails
Micah Stevens
micah at raincross-tech.com
Wed Feb 7 18:06:17 EST 2007
Sounds like their webserver was just hacked and that sub-folder was used
to hold an add. This has happened to a couple of my clients from time to
time. I'm always amazed how people insist on using logins like 'web'
with a password of 'web' for their site FTP. One time I was called
because a client had found some really offensive porn on their site and
couldn't understand how it got there.
If admins don't keep track of their site and don't use secure password
techniques, this type of thing will remain prevalent.
-Micah
On 02/07/2007 02:55 PM, Drew, Bill wrote:
> I have been getting a lot of phishing emails supposedly from Amazon.
> It is quite irritating since I do a lot of business on Amazon. I looked
> at the source code for one of the messages and found this web address:
> //www.holyspirit-indy.org/pack46/.support/www.amazon.com/flex/sign-out.h
> tml/2Fhomepage=protocol=httpsaction=sign-out/exec.php?cmd=sign-in
>
> I went to the website www.holyspirit-indy.org and found the website for
> the Holy Spirit Catholic Church of Indianapolis. I called them to tell
> them that their webserver was being used for phishing exploits. The
> priest I talked to was quite happy to have my phone call. He was going
> to talk to their website administrator. Is this type of hack common and
> how do idiots get this type of access? I am curious since most of the
> phish e-mails I get come from places like China, South Korea, or Russia.
>
>
> Wilfred (Bill) Drew
> Associate Librarian, Systems and Reference
> Morrisville State College Library
> E-mail: mailto:drewwe at morrisville.edu
> AOL Instant Messenger:BillDrew4
> Facebook me <http://www.facebook.com/p/Bill_Drew/202201900>
> BillDrew.Net: http://billdrew.net/
> Wireless Librarian: http://people.morrisville.edu/~drewwe/wireless/
> Library: http://library.morrisville.edu/
> SUNYConnect: http://www.sunyconnect.suny.edu/
> My Blog:http://babyboomerlibrarian.blogspot.com
>
> "They that can give up essential liberty for a little temporary safety
> deserve neither liberty nor safety." Ben Franklin, 1759
>
> _______________________________________________
> Web4lib mailing list
> Web4lib at webjunction.org
> http://lists.webjunction.org/web4lib/
>
More information about the Web4lib
mailing list