This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
[EMAIL PROTECTED]
SMTP error from remote mailer after RCPT TO:<[EMAIL PROTECTED]>:
host continuity.labor.koeln.ccc.de [2001:6f8:12f3:1:200:f8ff:fe76:53f3]:
550 unknown user
------ This is a copy of the message, including all the headers. ------
Return-path: <[EMAIL PROTECTED]>
Received: from outlier.minder.net ([65.75.150.100])
by weltregierung.koeln.ccc.de with esmtp (Exim 4.50)
id 1Dffdu-0003sn-1w
for [EMAIL PROTECTED]; Tue, 07 Jun 2005 17:05:33 +0200
Received: from waste.minder.net (waste.minder.net [66.92.53.73])
by outlier.minder.net (8.13.1/8.13.1) with ESMTP id j57BNlaV092588
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for <[EMAIL PROTECTED]>; Tue, 7 Jun 2005 07:23:48 -0400 (EDT)
(envelope-from [EMAIL PROTECTED])
Received: from waste.minder.net (localhost [127.0.0.1])
by waste.minder.net (8.12.8p2/8.12.8) with ESMTP id j57BNkbY036381
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for <[EMAIL PROTECTED]>; Tue, 7 Jun 2005 07:23:47 -0400 (EDT)
(envelope-from [EMAIL PROTECTED])
Received: (from [EMAIL PROTECTED])
by waste.minder.net (8.12.8p2/8.12.8/Submit) id j57BNkqU036374
for [EMAIL PROTECTED]; Tue, 7 Jun 2005 07:23:46 -0400 (EDT)
Received: from outlier.minder.net (outlier [65.75.150.100])
by waste.minder.net (8.12.8p2/8.12.8) with ESMTP id j57BNcbY036352
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for <cpunks@minder.net>; Tue, 7 Jun 2005 07:23:39 -0400 (EDT)
(envelope-from [EMAIL PROTECTED])
Received: from proton.jfet.org ([EMAIL PROTECTED] [69.60.117.34] (may be
forged))
by outlier.minder.net (8.13.1/8.13.1) with ESMTP id j57BNWn0092585
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL)
for <cpunks@minder.net>; Tue, 7 Jun 2005 07:23:33 -0400 (EDT)
(envelope-from [EMAIL PROTECTED])
Received: from proton.jfet.org ([EMAIL PROTECTED] [127.0.0.1])
by proton.jfet.org (8.13.4/8.13.4/Debian-1) with ESMTP id j57BNVpP023577
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
for <cpunks@minder.net>; Tue, 7 Jun 2005 07:23:31 -0400
Received: (from [EMAIL PROTECTED])
by proton.jfet.org (8.13.4/8.13.4/Submit) id j57BNRe5023543
for cpunks@minder.net; Tue, 7 Jun 2005 07:23:27 -0400
Received: from ismss-2.biu.ac.il (ismss-2.biu.ac.il [132.70.84.151])
by proton.jfet.org (8.13.4/8.13.4/Debian-1) with ESMTP id j57BNO4u023539
for <[EMAIL PROTECTED]>; Tue, 7 Jun 2005 07:23:26 -0400
Received: from deer.cs.biu.ac.il ([132.70.1.11]) by ismss-2.biu.ac.il with
InterScan Messaging Security Suite; Tue, 07 Jun 2005 14:23:34 +0300
Received: from [132.70.4.39] (herzbea-lt [132.70.4.39]) by
deer.cs.biu.ac.il with ESMTP id j57BNA7J020675 for
<[EMAIL PROTECTED]>; Tue, 7 Jun 2005 14:23:10 +0300
Message-ID: <[EMAIL PROTECTED]>
Date: Tue, 07 Jun 2005 14:24:32 +0200
From: Amir Herzberg <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: [EMAIL PROTECTED]
Old-Subject: Hall of Shame of Unprotected Login Sites, and Phishing/Spoofing FAQ
Content-Type: text/plain;
charset=ISO-8859-1;
format=flowed
Content-Transfer-Encoding: 7bit
X-imss-version: 2.025
X-imss-result: Passed
X-imss-scores: Clean:3.18638 C:2 M:3 S:5 R:5
X-imss-settings: Baseline:3 C:1 M:1 S:1 R:1 (0.5000 0.5000)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6
(outlier.minder.net [65.75.150.100]); Tue, 07 Jun 2005 07:23:49 -0400 (EDT)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.5.6
(waste.minder.net [127.0.0.1]); Tue, 07 Jun 2005 07:23:47 -0400 (EDT)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.5.6
(waste.minder.net [66.92.53.73]); Tue, 07 Jun 2005 07:23:40 -0400 (EDT)
X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by
milter-greylist-1.6 (outlier.minder.net [65.75.150.100]); Tue, 07 Jun 2005
07:23:33 -0400 (EDT)
X-SA-Exim-Connect-IP: 65.75.150.100
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
Subject: Hall of Shame of Unprotected Login Sites, and Phishing/Spoofing FAQ
X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on
weltregierung.koeln.ccc.de
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=FORGED_RCVD_HELO,
SPF_HELO_PASS autolearn=ham version=3.0.3
X-SA-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100)
X-SA-Exim-Scanned: Yes (on weltregierung.koeln.ccc.de)
Many important, sensitive login sites are not protected, making it
easier to steal passwords from naive (and even experienced) users. See
`Hall of Shame` listing such sites at
http://www.cs.biu.ac.il/~herzbea/Shame.html
Examples:
Banks and FIs: PayPal, Chase, SmithBarney (CitiGroup), Bank of
America, TD Waterhouse, Amex, FirstCommand Bank, MidFirst Bank
Security services: MicroSoft Passport, EquiFax, InstantSSL
All sites were warned before being added to the Hall of Shame (few
actually fixed their sites and are therefore not on the page, e.g.
eBay).
A related resource - a FAQ on phishing and spoofing, at
http://www.cs.biu.ac.il/~herzbea/shame/FAQ.htm
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
New: see my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame.html
