Phishing
2009-08-04 15:03:56.679549+00 by Dan Lyke 3 comments
Argh. A week or two ago my DSL modem died. I went and got the best one Staples had in stock, which sucks and lacks features I need, and after recovering my password from AT&T I plugged it in and got some set of redirects asking me to download and run files from a domain that didn't look anything like anything like ATT.net.
I used my iPhone's net connection to verify that this is what I should be doing, and cursed their name, but...
Just got a call from someone who's going through the same thing with Comcast. She got a redirect and a request to download a file from some HTTP address at "comcastonline.com". Sounds kinda like phishing to me, so I "whois comcastonline.com" and see that the registrar is "CORPORATE DOMAINS, INC" and the Administrative and Technical contact is "Corporation Service Company / Domain Administrator".
The DNS servers for that domain are comcast.net, so I told her she should download and run it, but...
Is it that big company network admins are deliberately colluding with scammers to try to get users used to dodgy network and security practices? This sort of crap is horrendous, I guess it's too hard to do things right within their network environments, but still...