North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Phishing Name Server?
The Internet Storm Center [http://isc.sans.org/diary.php] is reporting that: "The DNS server 'NS1.SPX2K.com' currently hosts the following domains CITIFINANCUPDATE.com, SAFE-KEYNET.com, WAMU4U.com, WAMUCORP.com which appear to be phishing related. The use of actual 'valid' domains like this opens up the possibility that they are used with SSL certificates. The whois info for these domains appears to be fake." Does anyone have any further information into this? - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [email protected] or [email protected]