Hmmm. Well, the only areas I see where there is a search function is in the
<h3>Where is my nearest...?</h3>
<form action=http://www.multimap.com/clients/places.cgi part of the
index page. I am not experienced enough with htdig to tell whether or not
that area of the code implies that they use htdig or not. Also, as a member
there may be other searches available to a Barclay's customer that may use
htdig that I cannot see.
I would hate to see htdig misused/abused in any way. I know for a fact that
the way we have our store's htdig segregated so that there would be no way
to involve htdig in any abusive activity regarding our customers. In fact,
our merchant software as well as the other software suites that I know about
require a local encryption key to access any customer information, so there
is really nothing of value stored on the server anyway.
That being said, if someone is using a spoofed site, I guess that htdig
would be as valid a search as any other, and the 'htdig noindex' code may be
part of the a**hole's (sry but that's what they are) attempts to make sure
that their spoofed site/pages appear as credible as possible. I guess that
also says much for htdig, that the results produced for the end-user are
professional enough to mimic custom coded search routines, which is what I
would guess Barclay's uses.
----- Original Message -----
From: "Mike Causer" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, April 05, 2006 1:07 PM
Subject: [htdig] Curious use of htdig in a phishing attempt
A phishing attempt to trap customers of Barclays Bank that's just
arrived contains a <!--htdig_noindex--> section in the html part of the
mail, specifically the part that includes the rogue website address.
I wonder if the noindex section would have been part of Barclays'
standard format that the phishers have copied (big win for htdig there!)
or if the phishers are using it, or even if an organisation like the
Anti-Phishing Working Group use it and the phishers are trying to
confuse them.
Just a bit of idle curiousity really.
Mike
--
Mike Causer Email - mailto:[EMAIL PROTECTED]
GPG KeyID 1C2DDA07 WWW - http://www.mikecauser.com
Flood the fen again! - Wicken Fen enlargement - http://www.wicken.org.uk
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting
language
that extends applications into web and mobile media. Attend the live
webcast
and join the prime developer group breaking into this new coding
territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
ht://Dig general mailing list: <[email protected]>
ht://Dig FAQ: http://htdig.sourceforge.net/FAQ.html
List information (subscribe/unsubscribe, etc.)
https://lists.sourceforge.net/lists/listinfo/htdig-general
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
ht://Dig general mailing list: <[email protected]>
ht://Dig FAQ: http://htdig.sourceforge.net/FAQ.html
List information (subscribe/unsubscribe, etc.)
https://lists.sourceforge.net/lists/listinfo/htdig-general
