Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OT: Interesting phishing email...



On 2/4/07, Grant M. <gmongardi at napc.com> wrote:
> No, Ebay justs lets you login, and happily redirects you to the fake
> login page, but gives no real indication that it has done so. The effect
> is that you believe that you haven't actually logged-in correctly and
> you try again, but the second time you are using the spoofed page, where
> your login details are recorded, and you are then returned to ebay, and
> it appears that you have now successfully logged in (you have, but it
> happened after the first login). It's a well thought-out spoof in my
> opinion.

That's pretty slick!  Well, everyone should know by now not to ever
click a link in an email, unless you have verified and trust the
sender (GPG helps).  This is just one more example.  Even if you tried
to verify the remote server, it would be legit (until the redirect).
But your caution has already worn off by then...and you got pwned ;-)

Rarely, when I see these emails (Gmail catches almost everything), I
usually whip out a script to pound their servers with random login
info to pollute their databases.  If not to slow them down a little
bit, at least maybe it annoys them and that makes me happy...heh
-- 
Kristian Hermansen

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org