Jump to content


Photo
- - - - -

phishing emails, completely untraceable (idea)


  • Please log in to reply
8 replies to this topic

#1 ph0b1a

ph0b1a

    Will I break 10 posts?

  • Members
  • 9 posts
  • Gender:Male

Posted 19 May 2011 - 01:49 AM

hey guys i was bord a couple of nights ago and i had an idea while watching a movie on netflix, phishing emails have become a bit of a normal thing, but alot of them are either traceable to an account or they are just thrown into the spam folder of the victim, anyway i thought about sending the phishing emails via telnet, smtp servers, if said person was to run a trace on the phishing email all they would get is the address of the smtp server that we telnet'd in to and if the email was send using the same smtp server as the victim then it would not be thrown into the spam folder and there would be a higher chance of the email actually being opened. this is just an idea but i would love to here any feedback on the idea.

Edited by ph0b1a, 19 May 2011 - 01:50 AM.


#2 nyphonejacks

nyphonejacks

    Dangerous free thinker

  • Members
  • 793 posts
  • Gender:Male
  • Location:718

Posted 19 May 2011 - 04:52 PM

hey guys i was bord a couple of nights ago and i had an idea while watching a movie on netflix, phishing emails have become a bit of a normal thing, but alot of them are either traceable to an account or they are just thrown into the spam folder of the victim, anyway i thought about sending the phishing emails via telnet, smtp servers, if said person was to run a trace on the phishing email all they would get is the address of the smtp server that we telnet'd in to and if the email was send using the same smtp server as the victim then it would not be thrown into the spam folder and there would be a higher chance of the email actually being opened. this is just an idea but i would love to here any feedback on the idea.

i hate spammers

[sarcasm]
EDIT - thank you for the minus rep.. this post really deserved that.
[/sarcasm]

Edited by nyphonejacks, 08 July 2011 - 03:54 PM.


#3 ph0b1a

ph0b1a

    Will I break 10 posts?

  • Members
  • 9 posts
  • Gender:Male

Posted 19 May 2011 - 06:05 PM

as do i but im not talking about spamming, im talking about using it for phishing and SE to get access to someones accounts

#4 nyphonejacks

nyphonejacks

    Dangerous free thinker

  • Members
  • 793 posts
  • Gender:Male
  • Location:718

Posted 19 May 2011 - 10:46 PM

oh you mean topics that are not discussed on this board?

#5 TheIllusiveMan

TheIllusiveMan

    Will I break 10 posts?

  • Members
  • 6 posts
  • Gender:Male

Posted 02 June 2011 - 04:04 PM

Phishing is just a media buzzword. And only a complete idiot would bother.

You can steal someone's identity with nothing but a web browser.

I'd perform SQL injection on a completely random site. Then check if the password for their account is also used for things like their email. Once that's logged into I can almost deal with everything directly.... even update their facebook status to "going on a shoping spree".

#6 impulse_87

impulse_87

    Will I break 10 posts?

  • Members
  • 2 posts
  • Country:
  • Gender:Male
  • Location:MS

Posted 24 June 2011 - 11:01 PM

Phishing is just a media buzzword. And only a complete idiot would bother.

You can steal someone's identity with nothing but a web browser.

I'd perform SQL injection on a completely random site. Then check if the password for their account is also used for things like their email. Once that's logged into I can almost deal with everything directly.... even update their facebook status to "going on a shoping spree".



i agree SQL is alot better but phobias idea isnt a bad one

#7 woodys_world69

woodys_world69

    The phorce is with me!

  • Members
  • 70 posts

Posted 25 June 2011 - 07:43 AM

Most ISP's SMTP server has authentication turned on for an IP address outside of there range

#8 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 27 June 2011 - 10:35 PM

Most ISP's SMTP server has authentication turned on for an IP address outside of there range


Sounds like this hypothetical plan just got fun.

#9 phaedrus

phaedrus

    Gibson Hacker

  • Members
  • 90 posts
  • Gender:Male

Posted 06 July 2011 - 10:59 AM

Completely untraceable. Unless they log incoming connections to port 25, and then slurps the logs off to a central logging store where its slurped off via snmp traps for attacks by the ids in real time and kept on backup disks for a year or however long legal says is needed. Which almost everybody does. Please don't rely on this as your way to stay invisible unless you like getting in legal trouble.

Plus the days of open mail server relays allowing this ended about 10 years ago, as above.
You could spoof it, but then you run into problems if the admin is awake at the keyboard. Usually the filter box is a couple of relays in, and looks at the originating headers to check its taken the path it should before scoring.
Throw in SPF and a load of other tools to stop spam, and it becomes a awkward difficult exercise. Mail server admins usually really have seen it all over the past few years of the spam deluge...

I think your aiming for what the media are calling spearphising, in which I would install spamassasin etc, and work out a mail which doesnt score highly but lets you send a link to a webserver via email with your payload to download instead. Like the bottom feeding spammers...




BinRev is hosted by the great people at Lunarpages!