A Flash In The Pan

UO!PanFlash!Flash

  03 December 2006

Description

Pointing to a Flash animation whose only purpose is to redirect to the real spam/phish site. Probably done to avoid phishing detection that relies on finding links that say they are going to one place, but actually go to another.

Submitted by Nick FitzGerald via an anonymous CastleCops reporter.

Example

<A href="http://i126.photobucket.com/albums/p87/tractors200/as.swf" target=_blank rel=nofollow _> <IMG height=32 alt="Respond Now" src="http://pics.ebaystatic.com/aw/pics/buttons/btnRespondNow.gif" width=120 border=0></A>

which actually redirects to:

http://www.ess-access.com/Signin.eBay.com.ws.eBayISAPI.dslSignInco.partnerId.
  pUserId.siteid.pageType.pa1.i1.BshowGif.UsingSSL.https.ebay.com.pa2.errmsg.
  runame.ruparams.ruproduct.sid.confirm5.htm

Poll

Will new browsers like Firefox 3, Internet Explorer 8 and Opera 9.5 help fight web-based malware?
Yes
No
I don't know

Leave a comment
View 15 comments
Jobs Recruit Sidebar

Virus Bulletin

In this month's magazine:
  • A commitment to quality and reliability
  • The road less truvelled: W32/Truvel
  • New memory persistence threats
  • Reversing Python modules
  • Advertising database poisoning
  • Sunbelt Software VIPRE Antivirus + Antispyware
  • Spear phishing – on the rise?
Virus Bulletin 07 2008
Subscribe now!
Virus Bulletin currently has 127,159 registered users.