From: One2@onetwo.com
Date: Mon Aug 28 2006 - 02:53:59 EDT
Just trying to do a phishing attack for a client where we spoof an internal email address and convince their employees to login to a fake website via a sneaky link.
Usually this is quite easy, however, this time I have hit the Microsoft security patch for Outlook 2003. This allows Outlook to check for phishy emails, and automatically shows the underlying links by changing from HTML to Text view.
The emails are now also ending up in the Junk E-mail folder, rather than the Inbox.
Does anyone know how I can get around Outlook detecting this email as phishy, or revealing the link? Maybe by encoding characters or something.
Also, please assume that I don't have access to the user's Outlook to change their settings manually.
Thanks,
One2
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:51 EDT