Results 1 to 2 of 2

Thread: Props to Yahoo?

  1. #1
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197

    Props to Yahoo?

    I decided to try Watchguard's Clickaware, (here but you need to be a registered user), to see how my users are. I didn't chose an faked attachment since I have told my users that malicious attachments can't get to them - so I chose an obviously "dodgy" link.

    The link appears to point you to freew4rez.ru.download.asp but it really sends you to WatchGuard's Clickaware page. WatchGuard suggests that you make a fake user in Exchange and then send the mail from there. I thought I would go one better. I extracted the public email addresses of all my users from AD and went to one of my "odd" accounts at Yahoo and sent the mail from there....

    Here's the fun bit, (I've tested it again and unless I am doing something wrong...), when the email arrives the link shows freew4rez.ru.download.asp but that's where it sends you too. It seems like, in an attempt to prevent phishing from Yahoo accounts, Yahoo recognizes the "hidden" url and replaces it with the shown url..... Needless to say the test failed abysmally because the freew4rez domain doesn't resolve.....

    Can someone confirm I'm right..... If so, nice move Yahoo....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  2. #2
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Wow...yeah, really, if that's what's happening, props to Yahoo indeed. I'll give it a go for you Tiger and see if I can duplicate your "failed" attempt.

    P.S. WatchGuard ClickAware - Holy Cripes, about freaking time someone made something like this! I've never heard of it, but you can bet it'll get some serious use now. Thanks muchly!
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •