A Flash In The Pan

UO!PanFlash!Flash

  03 December 2006

Description

Pointing to a Flash animation whose only purpose is to redirect to the real spam/phish site. Probably done to avoid phishing detection that relies on finding links that say they are going to one place, but actually go to another.

Submitted by Nick FitzGerald via an anonymous CastleCops reporter.

Example

<A href="http://i126.photobucket.com/albums/p87/tractors200/as.swf" target=_blank rel=nofollow _> <IMG height=32 alt="Respond Now" src="http://pics.ebaystatic.com/aw/pics/buttons/btnRespondNow.gif" width=120 border=0></A>

which actually redirects to:

http://www.ess-access.com/Signin.eBay.com.ws.eBayISAPI.dslSignInco.partnerId.
  pUserId.siteid.pageType.pa1.i1.BshowGif.UsingSSL.https.ebay.com.pa2.errmsg.
  runame.ruparams.ruproduct.sid.confirm5.htm

Entries

Are you feeling lucky, Sergey?

Spammers compendium entry - Are you feeling lucky, Sergey?

Pretty Darn Fancy

Spammers compendium entry - Pretty Darn Fancy

In the background

Spammers compendium entry - In the background

Doing The Twist

Spammers compendium entry - Doing The Twist

A Flash In The Pan

Spammers compendium entry - A Flash In The Pan