![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SC-Help]
Using Google redirect to hide the real link, Spamcop doesn't
de-obfuscate
Bill
billrubin at prodigy.net
Tue Mar 28 22:40:45 EST 2006
I've noticed that spammers are using site redirects to hide the
real URL that they are going to. Here is an example from a
recent Chase phish mail I received:
Resolving link obfuscation
http://www.google.com/url?sa=u&start=4&q=http://220.181.9.242/.chaseonlinesm.chase.com/
Host www.google.com (checking ip) = 64.233.179.104
host 64.233.179.104 (getting name) no name
Tracking link:
http://www.google.com/url?sa=u&start=4&q=http://220.181.9.242/.chaseonlinesm.chase.com/
No recent reports, no history available
ISP does not wish to receive report regarding google.com
You will notice that Spamcop did not try to report the
220.181.9.242 address, it never got past Google. I think there
is a similar issue with something like rd.yahoo.com. Does
Spamcop need to be made smarter so it can report the real site
that these lowlifes are using?
More information about the SpamCop-Help
mailing list