Don’t be an unwitting host for phishing scams
I ran across an interesting URL in a phishing link a few weeks back. It was the usual “update your bank or PayPal information” phishing scam. What was different about this one was the host URL. Rather than host the phishing code on a blacklisted or soon-to-be-blacklisted server, it was hosted on a personal website. The URL was of the form /www/images/.index.html.
When is the last time you looked in your images directory to see if there were any hidden files there lurking? Exactly. Me either.
Now I’m running a quick check once a week. As blacklisting servers that host phishing scams becomes more common, phishing scams will be looking for safe harbors.
1) Check your directories for hidden files that don’t belong, and
2) Check that file and directory permissions are not writable by the public.
   Directories should be drwxr-xr-x [ chmod 755 directory_name ]
   Files should be -rw-r--r-- [ chmod 644 file_name ]
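
Both checks above can be scripted for the weekly run. This is an added example, not code from the original post; the function names and the allow list of expected dotfiles (.htaccess, .well-known) are assumptions to adjust for your own site.

```shell
#!/bin/sh
# Added example: audit a web root for hidden entries and world-writable paths.
# The ALLOW list below is an assumption; edit it to match your site.

# Hidden names that legitimately live in a web root (assumed list).
ALLOW='.htaccess .well-known'

# Print every hidden file or directory under $1 that is not on the allow list.
find_hidden() {
    find "$1" -name '.*' ! -path "$1" 2>/dev/null | while IFS= read -r p; do
        base=${p##*/}
        case " $ALLOW " in
            *" $base "*) ;;              # expected dotfile, skip it
            *) printf '%s\n' "$p" ;;     # unexpected, report it
        esac
    done
}

# Print every regular file or directory under $1 that "other" can write to
# (the bit that chmod 755 / chmod 644 leave cleared).
find_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 2>/dev/null
}

# Run both checks on $1; return 0 when clean, 1 when anything was reported.
audit_webroot() {
    hidden=$(find_hidden "$1")
    writable=$(find_world_writable "$1")
    [ -n "$hidden" ] && printf 'Hidden entries:\n%s\n' "$hidden"
    [ -n "$writable" ] && printf 'World-writable entries:\n%s\n' "$writable"
    [ -z "$hidden" ] && [ -z "$writable" ]
}

# Stand-alone use: sh audit.sh /path/to/webroot
if [ "$#" -gt 0 ]; then
    audit_webroot "$1"
fi
```

Run from a weekly cron job, the non-zero exit status and the printed paths give you something to alert on.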