Thursday, 17 May 2007

example phish hosted by home user?

Here's the fake screen that you get when you click on one particular phishing email:

What's interesting is that static address, which indicates a possible broadband hosted, static ip address website. Visiting the top level, you get a nice "hello world" type website. As you can see it's using PHPTriad which is an installer of Apache, MySQL and PHP for Windows.

So, did this user knowingly host a phishing site using PHPTriad... or was this software installed using a trojan, without the users knowledge?

No comments: