Merlin's spamtrap catches a grifter

Merlin Mann, whose notion for a spammer honeypot I blogged a few days back, has caught his first spammer with it. The perp is running an identity-theft scam that sends you a deceptive URL (http://www.paypal.com@207.44.196.35/~redbarpr/cgi-bin/webscr%3fcmd=verification/( for what appears to be a PayPal renewal screen and sucks up your personally identifying information and credit-card info.

This was mined on June 19th at 7:41pm (EDT) by IP 62.215.3.38…

I'll can post more later if needed, but I wanted to let you white hats, wizards, and net detectives go nuts on researching these IPs if the spirit moves you.

Link

Discuss