Many websites use open http redirector such as Yahoo,Google.But some spammer use it tricks people into another website,which looks like apart of Yahoo.So Yahoo redirect server is now closed for public.
Spammer also use trick web address,like http://finance.yahoo.com:80@204.92.99.152/.
Users saw the yahoo.com domain name and figured it must be some official Yahoo! site,not realizing that the server would redirect to another IP address.
The trick here was a misuse of the clear-text "username:password@server" authentication feature. It made it look like you were accessing a yahoo.com URL, but in fact were going somewhere else.
This trick often use in spam mail, so we must be careful if link like it.
不少网站使用自动转向网址,象Yahoo和Google都这样。但是这也引来垃圾邮件和钓鱼邮件的兴趣。正因为如此,Yahoo关闭了公共转向功能。
垃圾邮件和钓鱼邮件发送者喜欢使用如:http://finance.yahoo.com:80@204.92.99.152/这样网址来欺骗受害者,让他们误以为这个网站是Yahoo的一部分而点击这个连接。其实它不过是使用了“username:password@server”的功能而已,无论你在真实的网址前加上一个@和任意其它的网址,都不会影响转到那个真正的网址上。如:http://www.google.com:80@204.92.99.152/或http://www.citybank.com:80@204.92.99.152/,它的目标是http://204.92.99.152/。
这种方式常常出现在垃圾及网络钓鱼邮件中。
Spam Link Tip
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment