phishing filter thwarted by unique subdomains
Account Home | Help | Blog | Contact us | Log Out


Welcome to Kbytes > Articles

phishing filter thwarted by unique subdomains

Posted By: siteadmin on 26/05/2011 18:14:00

http://onlinesession-518260672.natwest.com/updatemode/userdatadirectory/start.aspx

Leads to…

http://onlinesession-518260672.natwest.com.mofer1.yn.cn/updatemode/userdatadirectory/start.aspx/

I just got one of these wonderful phishing emails.  And noticed the onlinesession-xxxxxx ID.  

Guess M$s wonderful, slow, phishing filter can’t work out its a phishing email because the host has not been registered with them.


blog comments powered by Disqus

Kbytes Home | Privacy Policy | Contact us | Testing Area

© 2004 - 2018 1 Oak Hill Grove Surbiton Surrey KT6 6DS Phone: +44(020)82617371