On Sep 13, 2012, at 12:34, Matthew Black wrote:
Checking if anyone else has heard of this protocol. It seems to be a method of bypassing security filtering software.
The reason I ask is that we received a security alert with a link hxxp://pastebin.com/###.
Seems very suspicious and want to know if anyone can shed light. Is this a new phishing/malware methodology?
Using "hxxp" is a common method to prevent auto-linking by various email/IM clients and/or forum software to then require the user to actively copy/paste the URL to get the content. In the case of a security alert, I could see it being used if the destination is in fact an example of an attack site to prevent someone from inadvertently clicking the link and getting infected. --- Sean Harlow sean@seanharlow.info