Phishin' Probs
Results 1 to 6 of 6

Thread: Phishin' Probs

  1. #1
    Member
    Join Date
    Aug 2005
    Posts
    62

    Question Phishin' Probs

    I looked in some tutorials and the newbie help and couldn't find anything on this.
    I work for a financial institution, we and our members get hit with a lot of phishing scams. As you know, the links inside the e-mail rarely go to the the site it says it's going to. I have tried to be diligent in reporting these incidents. I generally get the contact to report the abuse through ARIN or NetworkSolutions - WHOIS.

    Here is my question:
    How do I get the information about them if the domain name isn't pulling up any information in the WHOIS?
    Maybe any easier question:
    How can I get the IP Address to the site it's directing me to in the phishing message?

    I'll give you the URL to the site it's trying to direct me to:
    http://blueorange.gda.pl/update.htm?...ate/update.htm
    (I don't recommend going to this site... who know what knid of crap is on it)

    I narrowed my search down to Poland, but that's as far as I got.

  2. #2
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    How do I get the information about them if the domain name isn't pulling up any information in the WHOIS?
    I narrowed my search down to Poland, but that's as far as I got.
    You need just a little more information. Heres some useful information I found for you on them check it out;


    http://houston.dnstools.com/?lookup=...ubmit=Get+Info


    http://samspade.org/t/rbl?a=www.blueorange.gda.pl

    http://toolbar.netcraft.com/site_rep...eorange.gda.pl

    person: Karol Zamorski
    address: Volta
    address: ul Matejki 6
    address: 80-232 Gdansk
    address: Poland
    phone: +48 58 340 22 40
    fax-no: +48 58 340 22 42
    e-mail: kzamorski@volta.net.pl
    They're not that anonymous. I hope it helps ComputerNerd22

    85.219.174.100 = Linux Apache/1.3.33 Debian GNU/Linux PHP/4.3.10-8

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    Right click on the link and go to proporties. it will show you either the IP address or the real domain. ALL domains MUST be registered in order to work (unless they have access to the root DNS servers) so its on paper somewhere who registered it.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  4. #4
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    You may also want to expand your AO search to the Phishing and Scams forum, or ask the Moderator, HTRegz
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  5. #5
    Member
    Join Date
    Aug 2005
    Posts
    62
    Very cool guys... Lots of help.
    Great sites Computernerd22.

  6. #6
    Banned
    Join Date
    Jul 2005
    Posts
    511
    At http://toolbar.netcraft.com/ you can download and install their anti-phishing toolbar. This toolbar will display you some useful information about the website you're visiting but will also warn you when you try to visit a known phishing website. (I've tried that with that link you provided, and it works!)

    And of course, any phishing emails can be reported at http://www.spamcop.net after you've registered for a free or paid account. Do those guys a favor and pay for it, if your budget allows it. They're doing a good job here.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •