Devon Hillard Digital Sanctuary

Interesting Phishing Technique

I got contacted today with a non-form e-mail from a person offering a partnership which would “highly increase your context advertisement block (adsense) earnings” on 10MinuteMail. Essentially saying that they could increase my ad revenue, and would do that for a share of the increased revenue.

Which sounds good as I was wondering if there was stuff I could be doing with layout or ad types to help increase clicks, except this was from a random guy at a gmx.com address, with no company name. Googling his name and e-mail address turned up nothing. So I replied asking for his company info or references, etc…

Sorry, but our company has no web
site.
You will easteablish our credibility during partnership with us.
Lets just try it first, ok?
Put this code between the body tags on your 10minutemail.com
main page only:
<img src=”some russian site” />
It is an 1*1px transparent image.

Supposedly after I do that I’ll see the result in a couple of days.

So wow, little warning bells are now big warning bells. Adding a web bug can’t impact your Google adsense revenue. Adding a web bug to your site from a domain name with no website that’s registered by someone in Russia seems like a TERRIBLE idea! So of course I said no.

What do you think? Some sort of XSS attack, or cookie attack? I’m just not sure what the end game would be on this…

Posted

in

, ,

by

Devon

Tags:

Comments

17 responses to “Interesting Phishing Technique”

  1. Cheesy Poofs Avatar
    Cheesy Poofs

    what does the code do? Javascript? can you post it in a not-harmful way?

    Reply
    1. Devon Avatar
      Devon

      Doesn’t seem to do anything at this point, but could be replaced with someone harmful at any time I guess. Not really sure, but the whole thing just seemed really suspicious.

      Reply
  2. Mauzola Avatar
    Mauzola

    Just some joke I think…
    Just delete those crappy mails I guess would be the best…

    Reply
    1. Devon Avatar
      Devon

      Yeah, it was just odd that someone took the time to write multiple e-mails, have a host setup, etc… Weird.

      Reply
  3. Mauzola Avatar
    Mauzola

    A lot of fruitcakes outthere pal… ;)

    Reply
  4. alecsander Avatar
    alecsander

    Found a place where you can thank the developers of this site. I take many years. Very convenient and protects from unwanted contacts and spam. Thank you so much. I hope that your website will work even for very long and I always will thank you for your idea and work. With respect, Alexander.

    Reply
  5. Mrci Avatar
    Mrci

    Is it ironic to use a 10minutemail email for commenting on the blog of the creator? :D
    Anyways, that seems like a weird method to…well I don’t know without seeing the code. Suspicious indeed.

    Reply
  6. james kilby Avatar
    james kilby

    The code will most likely be used to track emails and harvest good email address’s

    This used to be popular a while ago but most clients wont run it nativley

    Reply
    1. Devon Avatar
      Devon

      That makes sense! Thanks James!

      Reply
  7. PK Avatar
    PK

    But you know why they keep doing it, don’t you? For every smart person who knows better there’s a dumb-ss who doesn’t ;)

    Oh yes, I order v14gr4 from suspicious messages that show up in my spam folder because it’s cheaper, I sent my bank account details to that princess in Africa so she can fill it with millions in unclaimed cash, and good thing I responded to that other message requesting my account number and PIN, otherwise they may have closed my account before the cash arrived ;)

    Reply
  8. Shen Rustemi Avatar
    Shen Rustemi

    This would be used to spread spam,….anonymously of course.

    Reply
  9. seo hanover md Avatar
    seo hanover md

    Hey there, I think your website might be having browser compatibility issues. When I look at your blog in Ie, it looks fine but when opening in Internet Explorer, it has some overlapping. I just wanted to give you a quick heads up! Other then that, very good blog!

    Reply
  10. Jabberwock Avatar
    Jabberwock

    Heh, sounds like you don’t trust so much to us, Russians. But trust me, I have a pen! )

    Really, all I have is a little idea about 10minutemail usability.
    May you activate “Give me 10 more minutes” every time when user refreshes the page?

    I swear, this improvement will not steal cookies or something, but just make your service a bit more comfortable.

    From ?ussia with love, Jabberwock.

    Reply
  11. Schmu Avatar
    Schmu

    Maybe theyd used a gif, jpg, png whatever exploit ?

    Reply
  12. mark Avatar
    mark

    can you create a new email form drdrb.net ?

    Reply
  13. Devon Avatar
    Devon

    No that domain is no longer in use.

    Reply
  14. Kay Cee Avatar
    Kay Cee

    Just came back to using your site after a year or so, but I had been using it for many years. Thanks. I only wish there were 10 hour mail.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *