The Latest in IT Security

Online pharmacy spam disguised as AOL.com phishing

11
Nov
2011

Every time when I see a phishing where AOL is involved I become nostalgic. The reason for that is that the first phishing seen online was sent on an AOL newsgroup on January 2. 1996.

Here is one email which looks very phishy at the first sight.

All links except the “inbox” are going to AOL.com. The “inbox” one goes to http://<ip>/~s960749/spectral.html .

At that page there is, of course, no page except for this code written in one single line:

<script type=”text/javascript”> 

var a =”http://viagralevitratestosterone.com”;window.location = a;

</script>

And in case that someone deactivated JavaScript, there is also a link which can be manually clicked:

<body>
<center><h1>#1 Online Pharmacy</h1><br>Online DrugStore<br><a href=”http://viagralevitratestosterone.com”>Buy Viagra Online</a></center>
</body>

PS: The target domain is offline now, otherwise I wouldn’t have published it here.

This is a classic technique to escape web filters: jump first to an “innocent” IP address and then redirect to the final page.

In our case, according to the domain it seems that it was an online pharmacy.

I advise users to never click on such links, and of course, never buy anything from a shop which you received via a spam message.

 

Sorin Mustaca

Data Security Expert

Leave a reply


Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments