DragonFly users List (threaded) for 2005-02
OT a DNS/phishing puzzle
I'm only posting this here because this audience is the most
sophisticated group I know, and this incident worries me a lot.
I'm accustomed to phishing emails by now, but this particular
one made me nervous, because I don't understand how DNS works.
The phishing email wanted me to click on this URL:
Okay, so I do a 'whois wamu2u.com' and get this response:
Domain Name : wamu2u.com
Name : Constance Edwards
Email : edwards@xxxxxxxxxxx
Address : 1094 SE St Patricks Court, Port Orchard, WA
Zipcode : 98367
Nation : US
Okay, this much seems very reassuring.
The part that worries me is when I do an nslookup on the URL
(logon.personal.wamu2u.com) I get an IP address in China.
Anyone here understand DNS stuff well enough to explain how
Can anyone else reproduce the results I've listed above?