Wells Fargo, Bank of America, PayPal... "Please update your account information"... the wonderful world of phishing. I get them twice a week.
Nifty they are, and I cannot resist doing a bit of "whois" etc., usually finding some obscure server hidden somewhere.
Until two days ago - "Mr. Dark" hiding at "freepokerforum.com" without much cover (as it was included in the "Account Login" URL).
[Note: Hinted PayPal so now the mentioned links are down]
Promptly went over to his "home" at http://www.freepokerforum.com/~dark/ that believe it or not was fully open, including access to the obvious folder cgi-bin/www.paypal.com/ where all and everything to run the scam was fully readable and free to download!
Including obviously the scripts that forwarded the collected account information (if anybody fell into the trap) as an e-mail to himself.
A quick look at the script and voila; his personal e-mail address, readable in plain text for all!
Herewith nominated to "Most Stupid Phisher Of The Year"!
As "President Bartlet" in "Westwing" once said - "Nothing is as effective in crime prevention as a stupid criminal"...
Maybe the phisher hacked into the server and ran parts of his operation from there?
Usually these guys are not *that* clueless.
Posted by: Richard | December 01, 2005 at 17:21
That's a thought, although somebody who can hack himself into a server would know "chmod" or what ;)
(At least some of the code could be hidden, like the script with his own e-mail...)
When I checked the code it was quite a readymade-and-complete-starter-kit, just add you mail address... my grandmother could be up and running in five minutes.
No wonder there are som many out there doing exactly the same!
Nah, I would stick to my bet that he/she was a simpleton with his/her head in a sling under his/her arm :)
Posted by: sig | December 01, 2005 at 17:37