[hcs-d] interesting spam mail tactic

Matthew Gline gline at fas.harvard.edu
Wed Apr 5 10:51:44 EDT 2006

I just got a phishing attempt which included (masked by an <a> tag 
naturally) the following url (don't click it!):


I'm not sure I understand why


works to begin with (they don't seem to have an A record or anything), 
but I do think it's clever that they used google to get there. When I 
click the link in Thunderbird, which correctly recognized it as a scam 
to begin with, it says, "Are you sure you want to visit google.com?" 
which surely sounds more innocuous than "Are you sure you want to visit 
emailbankscams.ru.br.tz?" or whatever.


More information about the hcs-discuss mailing list