Bad news for AOL: ever since the service became free in August 2006, it’s been devolving into a phisher’s paradise. Now anyone with a broadband connection can download AOL’s free software and use AOL as a proxy server to redirect a website to any other website. If you think about this for a minute, you can see the possibilities: for instance, creating a phishing site that looks exactly like neteller.com, then using AOL’s proxy to redirect the HTTP request through the Thailand Ministry of Education. Think it can’t be done? From chrisohara.org (edited for length):
I just received an email today stating that I needed to log into my neteller.com account to collect the money that I was sent via party poker…I don’t have a neteller account but the link in the email was quite interesting. It uses AOL’s redirect page to redirect to…126.96.36.199, which is in Thailand. It appears it belongs to the Ministry of Education. It appears that one of their computers has been compromised…I contacted AOL, firstname.lastname@example.org, and they have yet to respond.
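
A defensive check for the pattern described above, as an added example that is not part of the original post or the quoted e-mail: it pulls out URLs nested inside a link and flags a link on one host that forwards to a raw IP address or to a host outside a trusted list. The redirector host, the `url` parameter, the addresses and the sample body are constructed placeholders, not AOL's actual redirect format.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, unquote, urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
SAMPLE_BODY = (  # constructed sample: placeholder hosts, documentation-range IP
    "Collect your funds: "
    "http://redirect.example.com/redir?url=http%3A%2F%2F203.0.113.7%2Flogin.htm "
    "Help: http://redirect.example.com/redir?url=http://help.example.com/faq"
)

def host_of(url):  # lowercased hostname, or None if the URL cannot be parsed
    try:
        return urlsplit(url).hostname
    except ValueError:
        return None

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def embedded_targets(url):
    """Yield absolute URLs carried in the query values or path of url."""
    parts = urlsplit(url)
    values = [v for _, v in parse_qsl(parts.query)] + [unquote(parts.path)]
    for value in values:
        for _ in range(3):  # peel extra layers of percent-encoding
            value = unquote(value)
        yield from URL_RE.findall(value)

def check_link(url, trusted):
    """Findings for one link: (reason, visible host, real destination host)."""
    outer = host_of(url)
    if outer is None:
        return []
    findings = []
    inners = {host_of(t) for t in embedded_targets(url)} - {None, outer}
    for inner in sorted(inners):
        if is_ip(inner):
            findings.append(("redirect-to-raw-ip", outer, inner))
        elif not any(inner == d or inner.endswith("." + d) for d in trusted):
            findings.append(("redirect-off-domain", outer, inner))
    return findings

def scan_body(body, trusted=("example.com",)):
    return [f for link in URL_RE.findall(body) for f in check_link(link, trusted)]
```

The `trusted` tuple is an assumption standing in for whatever destinations a mail filter considers acceptable for a given redirector.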