Thread: Don't get Phished

  1. #1 Big Booger (Super Moderator, joined Apr 2002, JAPAN, 10,941 posts)

    Don't get Phished

    From www.smartcomputing.com :

    You’ve become accustomed to deleting ridiculous Nigerian money scams and all those spam messages promising to help you lose 50 pounds in five days, but this message looks different; it has the eBay logo and uses the same fonts as eBay’s site. It contains links to eBay pages and is professionally written. It’s telling you your account has been associated with fraudulent activity and is about to be suspended unless you can provide some personal details to prove that everything is on the up-and-up.

    As official as an email like this looks, don’t take the bait. Millions of consumers rely on the Internet to shop, pay bills, and manage their financial accounts, and a new generation of scam artists is using a combination of social engineering and technological savvy to bilk unwary consumers out of their money or steal their identities. This practice is called phishing (short for password harvesting fishing), and although the techniques used in this type of scam are timeless, the Internet has provided phishers with a vast ocean in which they can cast their nets.

    Phishing emails differ in their specifics, but they all share a few common traits. First, they appear to come from a legitimate company, using the same graphics you’d expect to see at that company’s site. Second, they try to create a sense of urgency, telling recipients that their accounts are about to be suspended or are otherwise experiencing major problems. Third, these emails contain forms or links to forms where users are supposed to enter personal information, such as an account password or a credit card number. Once you enter the data in the form and click Submit, it is sent to the scammer’s computer and he can use it to steal from you.

    Phishing scam artists consistently come up with ever-more-elaborate schemes to ply their illegal trade, but by following a few simple rules, you can play detective and catch them in the act instead of becoming their next victim.

    Rule #1: Pay Attention To URLs

    URLs (uniform resource locators) are the characters you enter in a browser’s address bar to visit a particular site, and a favorite trick among phishing scammers is to make users think they are going to one URL when they really are visiting another URL.

    URLs can tell you a lot about the site you are visiting. The URL for our Web site, for example, is http://www.smartcomputing.com. The “.com” portion is the top-level domain (also called the domain extension), telling you what type of site it is. For example, “.com” is mainly used for commercial Web sites, whereas “.edu” is for educational institutions and “.org” is for nonprofit organizations. The companies most commonly targeted by phishing scammers use “.com” top-level domains, so if you see a URL such as “http://www.ebay.org” or “http://www.citibank.edu” linked to a spam email, it’s likely a site set up by a scam artist.

    The most important part of the URL as far as detecting a phishing site is concerned is the domain name, which is the text to the left of the top-level domain (such as “smartcomputing” in our example). All content at the Smart Computing Web site is accessible via the “smartcomputing.com” domain name, so any additional text between the domain name and the top-level domain name should raise a red flag.

    For example, a Web page located at “http://www.smartcomputing.scammer.com” is located at the domain name “scammer.com,” and a page at “http://www.ebay.customerservice.com” is actually located at the domain name “customerservice.com,” not at “ebay.com.” Any text that appears to the left of the domain name is a subdomain associated with the main domain. In the examples we just provided, “smartcomputing” is a subdomain of “scammer.com,” and “ebay” is a subdomain of “customerservice.com.” Ignore subdomains and focus on the domain name when determining whether a link or URL is legitimate. Hyphens and symbols such as @ also are used to make a phish site’s URL look more legitimate, so watch for those, too.

    Figure caption: Take the guesswork out of deciphering Web addresses by using a utility such as SpoofStick (free; http://www.corestreet.com/spoofstick). Here, you see that SpoofStick’s bar within the browser interface states “You’re on ebay.com.”

    Unfortunately, some scammers have figured out how to use a sophisticated exploit that displays a fake address bar (containing a legitimate-looking address that doesn’t arouse suspicion) in a Web browser window, so other steps are necessary to fully protect yourself.

    Rule #2: Watch The Padlock

    All popular browsers display padlock icons when users visit secure sites; these icons are generally in the lower-right corner of the browser window. When users visit secure sites, or secure portions of sites after they’ve logged in, the padlock icon appears and the URL in the address bar begins with “https:” instead of the usual “http:” we see. Knowing this, if you ever see “https:” in the address bar but don’t see a padlock icon displayed, the page isn’t secure and it’s likely you’re visiting a phishing site, so don’t fill anything out or click any links.

    However, even this method isn’t foolproof, as scam artists have figured out ways to forge padlock icons, so be sure to follow the other rules we cover for maximum protection.

    Rule #3: Type, Don’t Click

    The Internet has conditioned us to click hyperlinks to open new pages, but don’t let that habit get the best of you when a seemingly urgent email arrives. One of the main techniques phishing scammers use to lull users into a false sense of security is to put links in an email that look like they point to a legit company site when they actually point to a phishing site. This is called link masking, and it’s easy to spot and avoid if you know what to look for.

    Most email apps let users hover a mouse pointer over a link to see a pop-up window displaying the actual link. For example, a scammer might send an email that has a “http://www.paypal.com” link, but when you place the pointer over the link, the pop-up window reads “http://www.paypal.phishsite.com.” Of course, you should avoid clicking that link.

    Also, most phishing sites use IP (Internet Protocol) addresses (such as 12.39.144.5) instead of domain names, so if you hover the pointer over a link and see a string of numbers, the link probably points to a phishing site. Instead of clicking links in emails, type their URLs into your browser’s address bar, but only do so if the links use the proper company domain name.

    Rule #4: Notice Login Inconsistencies

    Some scammers cover their tracks by sending victims to the legitimate company sites after collecting personal information. Common examples of this are phishing sites that ask users to enter usernames and passwords they would use to log in at legitimate sites, and then automatically connect users to those sites after collecting their valuable login information.

    If you ever attempt to log in to a legitimate account after following a hyperlink in an email, and the Web site rejects your login information even though you typed it correctly, it’s likely you’ve just been scammed. Contact the legitimate company that the phishing scammer pretended to represent to let it know what happened and change your login password immediately.

    Rule #5: Protect Bank Account Data At All Costs

    It’s bad when scammers gain access to your credit card accounts, but at least these accounts are protected to the point where victims are liable for only a maximum of $50. Debit card and bank accounts often don’t have this level of protection, so never divulge bank account information in response to an email.

    Rule #6: Keep Personal Info Personal

    If you take nothing else away from this article, remember this: Legitimate companies never should ask for personal info via email (and if they do, they’re not worth doing business with anyway). Never fill out a form via an email, and never blindly follow links embedded in emails—no matter how official they appear to be. Scammers rely on input from you to do their work, so by trusting your instincts and never responding to emails that ask for personal information, you can force these jerks to find real jobs and earn their own money.

    It's an extract of their magazine (I highly recommend purchasing) that I thought you'd be keen on.
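An added example, not from the Smart Computing article or from anyone in this thread: a small Python checker that applies Rule #1 (domain versus subdomain, wrong top-level domain, the @ trick) and Rule #3 (hover target versus displayed link text, bare IP addresses) to links as they appear in an email. The brand table and the sample links are constructed, and the registrable domain is taken to be the host's last two labels, an assumption that does not hold for suffixes such as .co.uk.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed brand table: legitimate domains of the companies the article names.
KNOWN_BRANDS = {"ebay": "ebay.com", "paypal": "paypal.com",
                "citibank": "citibank.com", "smartcomputing": "smartcomputing.com"}


def registrable_domain(url):
    """Return (host, domain, is_ip) for a URL; domain is the last two labels
    of the host, the part Rule #1 says to focus on (simplification: multi-part
    suffixes such as .co.uk are not handled).  urlsplit().hostname drops any
    'user@' prefix, so 'http://www.ebay.com@scammer.com' yields 'scammer.com'."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    try:
        ipaddress.ip_address(host)
        return host, host, True          # bare IP address instead of a name
    except ValueError:
        pass
    return host, ".".join(host.split(".")[-2:]), False


def check_link(display_text, href):
    """Return the red flags for a link as it appears in an email: display_text
    is what the message shows, href what the hover pop-up reveals (Rule #3)."""
    findings = []
    host, domain, is_ip = registrable_domain(href)
    if is_ip:
        findings.append("target is a bare IP address: %s" % host)
    if "@" in urlsplit(href).netloc:
        findings.append("'@' in the address; the real host is %s" % host)
    for brand, legit in KNOWN_BRANDS.items():
        # Brand name appears in the host (as a subdomain or with the wrong
        # top-level domain) while the registrable domain is something else.
        if brand in host and domain != legit:
            findings.append("looks like %s but is hosted at %s" % (legit, domain))
    shown = registrable_domain(display_text)[1] if "://" in display_text else ""
    if shown and shown != domain:      # link masking: text and target differ
        findings.append("link text says %s but points to %s" % (shown, domain))
    return findings


if __name__ == "__main__":
    # Constructed sample links modelled on the article's examples.
    for text, target in [("http://www.paypal.com", "http://www.paypal.phishsite.com/"),
                         ("http://www.ebay.com", "http://www.ebay.com@scammer.com/"),
                         ("Update now", "http://12.39.144.5/signin"),
                         ("https://signin.ebay.com/", "https://signin.ebay.com/")]:
        print(target, "->", check_link(text, target) or ["no red flags"])
```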

  2. #2 phishhead (Friendly Neighborhood Super Moderator, joined Apr 2002, San Diego, Ca., 3,732 posts)
    Thought it was a phishhead bashing thread.

  3. #3 rik (Old and Cranky Super Moderator, joined Aug 2003, Watching Your every move..., 4,688 posts)
    me too phisher...

    I have Spoofstick installed on all my systems...even at work.

  4. #4 fatalfury (Bronze Member, joined Nov 2004, USA, 104 posts)
    Quote Originally Posted by phishhead
    thought it was a phishhead bashing thread.
    XD

  5. #5 Triple Platinum Member (joined Aug 2004, 883 posts)
    Got this one today. Nothing happened though, I was just redirected to msn.com.

  6. #6 rik (Old and Cranky Super Moderator, joined Aug 2003, Watching Your every move..., 4,688 posts)
    At the bottom rohit, it says Copyright by Microso??


  7. #7 Bronze Member (joined Nov 2004, Narvik, Norway, 110 posts)
    Ebay has an email addy, spoof@ebay.com, that you can send spoof emails to, so that the server hosting the sites eventually will be taken offline (at least, I hope so...)

    Johan-Kr
    System1: iMac 27"
    System2: PowerMac dual 800 (mirrored drive doors), OsX 1.5 Leopard
    System3: EPoX 8KDA3+, 1Gb RAM, 4x1Tb - Raid5, CoolerMaster CM Stacker, FreeNAS.

  8. #8 cash_site (Security Intelligence TZ Veteran, joined Jul 2002, Software Paradise, 3,852 posts)
    Quote Originally Posted by rik
    At the bottom rohit, it says Copyright by Microso??
    LOL, just redirects to MSN, you've just been phished.. OWNED.

    --- 0wN3D by 3gG ---

  9. #9 Triple Platinum Member (joined Aug 2004, 883 posts)
    Quote Originally Posted by rik
    At the bottom rohit, it says Copyright by Microso??
    No rik, I'm positive it said Microsoft... the thingy hadn't loaded when I took the screenshot... it was some weird kind of text... if you pressed Control-C and copied it into the reply box, some text which read "microsof" would appear like this:
    m
    .
    i.
    c
    .
    r
    .
    s
    .
    o
    .
    f
    .
    t
    phew!
    Quote Originally Posted by cash_site
    you've just been phished.. OWNED.
    lol... you're not serious, right?... lol anyway..

  10. #10 cash_site (Security Intelligence TZ Veteran, joined Jul 2002, Software Paradise, 3,852 posts)
    Quote Originally Posted by rohitkumar
    lol... you're not serious, right?... lol anyway..
    Well, you didn't actually sign into the link, did you?

    --- 0wN3D by 3gG ---

  11. #11 Triple Platinum Member (joined Aug 2004, 883 posts)
    OK, you're scaring me now... I just followed the link and a couple of redirections later reached msn.com, did nothing there... and closed the window!!! I'm safe, right??
    Last edited by rohitk89; February 10th, 2005 at 05:10 AM.

  12. #12 rik (Old and Cranky Super Moderator, joined Aug 2003, Watching Your every move..., 4,688 posts)
    Nah... they've got you now.

  13. #13 Triple Platinum Member (joined Aug 2004, 883 posts)
    Hah... I know you're kidding rik... I didn't enter any username, password or anything at all... or nothing's happened until now... at least...

  14. #14 rik (Old and Cranky Super Moderator, joined Aug 2003, Watching Your every move..., 4,688 posts)

  15. #15 cash_site (Security Intelligence TZ Veteran, joined Jul 2002, Software Paradise, 3,852 posts)
    Quote Originally Posted by rohitkumar
    Hah... I know you're kidding rik... I didn't enter any username, password or anything at all... or nothing's happened until now... at least...
    I just hope you were using FFox, cos IE has many holes, so that you don't have to sign in... it reads your cookies and gets your username... remember, each time you go to the Hotmail sign-in it remembers your email. I hope you never click "remember password"... they are stored too and easily read and used.

    --- 0wN3D by 3gG ---
