Lots of phishing attempts for webmail accounts flying by, at the moment
it seems popular to use webform hosters to ask for account credentials.
I seem to miss a part of these. Probably my spamfilters being too good or
something. But at work there are some people who know I am interested in
new and recurring strains of Internet abuse so I still get interesting
stuff forwarded to investigate. The latest catch advertised a dot.tk domain
which inlined a webform from a tripod hosted site which was a copy of an
emailmeform.com form and used emailmeform.com to process it and redirected
to a generic thankyou form by a new zealand printer supplies company.
It takes a bit of tracing and trying to solve such a puzzle and notify
all parties about their role in the abuse.