URGENT Message from AOL Member Services

Another Spoof Email and Phishing Scam report by MillerSmiles.co.uk - click this image to go to our home page.

URGENT Message from AOL Member Services
27th May 2004

please forward any scams you've received to spoof@millersmiles.co.uk

Report Summary
Date Reported	10th & 27th May 2004
Apparent Sender	AOL
Return Address	UpdateRep@aol.com <UpdateRep@aol.com>
Subject	URGENT Message from AOL Member Services
Format	HTML
Method	a link which utilises AOL's own redirection script leads to bogus web content
Bogus Web Content?	Yes
URL of web content	http://dynamic.aol.com/cgi/redir?http://supportcenter.8k.com- resolves to web space provided by freeservers OR http://dynamic.aol.com/cgi/redir?http://centersupport.8m.com/ - resolves to a web host in the USA.
RISK LEVEL	HIGH
WARNINGS	1. This is bad news for AOL users who will believe that they are entering a genuine AOL web page from not just the link text, but the momentary appearance of a genuine AOL URL in the browser address bar just before AOL's script redirects users to the forged web page (page removed already, but will no doubt re-appear, and the loophole, if not closed, will be used time and time again).

AOL users are at high risk from this forged AOL email which uses their own redirect script to send users from the AOL domain to a forged web page ...

This is a big concern to us - you can construct a URL using AOL's redirect script (http://dynamic.aol.com/cgi/redir?) to send users' browsers to any other web page or domain. The true URL would show once the page had loaded, but many will be duped by this loophole in AOL's system.

The bogus content has been removed very quickly, but it wont be long before another Phisher picks up this little trick and distributes more emails with similarly constructed links in them.

The Spoof Email ...

URGENT Message from AOL Member Services

The bogus web page ...

URGENT Message from AOL Member Services


Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services... Email Alerts Add your email address to our email alert service... Subscribe Privacy Policy RSS News Feed Tap into our Scam Alert service using your News Reader or Aggregator (including My Yahoo!). Scam Alert News Feed You can even put the latest alerts on your own web site.

Library of Spoof Email Phishing Scams Brief guide to Phishing Full article on spoof email scams Spoof URL Checker Link Checker Browser URL Spoofing Vulnerability Check Latest browser bug aids Phishing Scams - beware!

Click the arrow to return to previous page Home Guides... Book Terminology How to identify a first edition book Auction Watcher List of the main Auction Sites world wide
<table border='0' cellpadding='0' cellspacing='0' width='120' height='243'> <!--DWLayoutTable--> <tr> <td><a href='http://www.amazon.co.uk/exec/obidos/redirect-home/millersmile09-21' target=_top ><img src="http://images-eu.amazon.com/images/G/02/associates/recommends/default_120x243.gif" width=120 height=243 border="0" access=regular></a></td> </tr> <tr> <td height="1"><img src="../spacer.gif" alt="" width="120" height="1"></td> </tr> </table>

URGENT Message from AOL Member Services 27th May 2004

URGENT Message from AOL Member Services
27th May 2004