[SC.LUG] RE: [man-lug] Email Scam Alert

(Ted Harding) Ted.Harding at nessie.mcc.ac.uk
Thu Nov 6 21:20:14 GMT 2003


On 06-Nov-03 Frank Mitchell wrote:
> Dear LUGs,
> 
> I thought I'd alert you to a Bogus Email I received recently.
> Apparently it's from Lloyds TSB, even though I'm not a Lloyds
> Customer. So I phoned Lloyds, who confirmed it wasn't theirs, though
> they were aware of it.
> [...]
> link (or if you use AOL), copy and paste the link into
> the address bar of your web browser.
> 
> http://www.lloydstsb.com:ac-x6LC0IQr2aBda1XBALgF@LlOyDsG.dA.rU/?LdZJtDp
> 
> --------------------------------------------
>        Thank you for using Lloyds!
> --------------------------------------------

The trick here is the following. In a URL, if there's an "@" in what
follows http:// then only what comes after the "@" is treated as the
real URL. So in connecting to the above, you would be connected
directly to

  LlOyDsG.dA.rU/?LdZJtDp

(which would of course present itself as a simulacrum of the Lloyd's
web page). The "/www.lloydstsb.com..." at the beginning is a total
dummy and its sole purpose is to make people think that they are
connecting to the real Lloyds site.

Since not many people are aware of this, and since very few not
aware of it are going to risk their eyesight by scrutinising every
character and even then have to suss out what's going on with
"LlOyDsG.dA.rU", this is a pretty cunning deception.

Ted.


--------------------------------------------------------------------
E-Mail: (Ted Harding) <Ted.Harding at nessie.mcc.ac.uk>
Fax-to-email: +44 (0)870 167 1972
Date: 06-Nov-03                                       Time: 20:03:49
------------------------------ XFMail ------------------------------



More information about the SC mailing list