Tools for anonymous blogging
R. Hirschfeld
ray at unipay.nl
Wed Mar 12 19:55:25 EST 2003
> Date: Wed, 12 Mar 2003 11:49:56 -0800
> From: Steve Schear <schear at attbi.com>
>
> Are you certain that the email originated with E-gold? Their policy is not
> to email ads nor contact their clients via email. Check the links and headers.
And check the form tag's action attribute. These fraud attempts are
getting sneaky--the last one I received used genuine www.e-gold.com
links throughout but had:
<form method="post" name="f" action="http://www.e-gold.com@%72%6f%6e%61%6c%64%31%31%32%2e%68%79%70%65%72%6d%61%72%74%2e%6e%65%74/%69%6e%64%65%78%2e%70%68%70">
If you decode the URL-encoded gubbish you see that it doesn't really
go to e-gold at all (but rather ronald112.hypermart.net in this case).
Ray
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list