[pcductape] Re: URL Spoofing

  • From: "Pam" <ltf01@xxxxxxxxxx>
  • To: <pcductape@xxxxxxxxxxxxx>
  • Date: Wed, 4 Feb 2004 15:01:32 -0600

Hi Vic,

We are talking about the same thing. You were talking about the (bad) intent
of the message writer.  I was basically explaining how the spoofing was
accomplished. =)

I'm pretty sure you already know how spoofing is accomplished.


For others, there are ways to verify that a link is going where it appears
to be going.

First, URL spoofing cannot be accomplished in plain text format emails, such
as this email is in.

In email you can hit Reply and then change the format to plain text which
will remove the underlying links.

On a web page you can touch a link and watch your status bar (the bar on the
bottom of your browser window) and most of the time it will show you where
the link is actually going.  If not, then you can view the source code for a
page and see where it is actually linked.  To view the source code in IE go
to View/Source.

If you are not familiar with what you are looking for in source code it will
look like something similar to this:

If it is a link from a graphic image like a button:

<a href="http://www.somesite.com/virus/abcdefg.exe"; target="_blank"><img
src="images/clickMePlease.jpg" alt="Click here for a surprise" width="57"
height="50" border="0"></a></td>

If it's a text link it may look something similar to this:

<a
href="http://www.badsite.com/givethemavirus.exe";>www.goodsite.com</a></td>

In both cases the true destination of the link is the part that immediately
follows the "a href=" and is enclosed in quotes

Hope that helps,

Pam

-----Original Message-----
From: pcductape-bounce@xxxxxxxxxxxxx
[mailto:pcductape-bounce@xxxxxxxxxxxxx]On Behalf Of Victor Firestone
Sent: Wednesday, February 04, 2004 1:06 PM
To: pcductape@xxxxxxxxxxxxx
Subject: [pcductape] Now is URL Spoofing, Was - RE: Re: Can anyone tell
me what this means?


Lisa and Pam

What I am saying is that someone with evil content can write an URL that
says something in your email or browser but the underlying code will take
you elsewhere [this is spoofing a URL] So, typing in the correct URL by hand
will not take you to the spoofed address.




~~~~~~~~~~~~~~~~~~~
TTFN - Vic


To unsubscribe from this list send an email to
pcductape-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field
OR by logging into the Web interface. 

To view the message archives simply go to: 
http://www.freelists.org/archives/pcductape/

Other related posts: