[scam] A phising site

Gizzy · May 24, 2005, 6:01pm

For the first time someone sent me an email which turned out to be a phishing attempt.

Tried stealing my hotmail password!!!

I had no idea at first, just clicked on the the link, but once the page was loaded. Instead of looking at a card, I saw a user login page (similar to Hotmail login page)
I was like.. Hooo.. stop right there. I went back to check the e-mail I had recieved.

The links in the e-mail look something but are actually something else, take a look:

[thumb=H]phishinlink1689_3371126.JPG[/thumb]

I recived an e-mail with an e-card which was sent from americangreetings website
when I try to pick up the card, it asks me to login to my hotmail !!!

Have a look at the screenshot below.

[thumb=H]phukinphisher1689_5997612.JPG[/thumb]

It looks like anyother greeting card e-mail you receive. But once you click on the link it is a whole different story.

I received this email[http://www.americangreeting-msn.com/pleasesignin.aspx?id='[email protected]](http://www.americangreeting-msn.com/pleasesignin.aspx?id='[email protected])

If you go to this page, it shows you a page saying future website of americangreeting.. I mean DUHHHHH!
http://www.americangreeting-msn.com/

Gizzy · May 24, 2005, 6:02pm

Re: [scam] A phising site

So everyone, be careful with such e-mails.

Tips on how to avoid the Internet scam known as phishing.

If you receive an unexpected e-mail saying your account will be shut down unless you confirm your billing information, do not reply or click any links in the e-mail body.
Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It means your information is secure during transmission.
If you are uncertain about the information, contact the company through an address or telephone number you know to be genuine.
If you unknowingly supplied personal or financial information, contact your bank and credit card company immediately.

Gizzy · May 24, 2005, 6:06pm

Re: [scam] A phising site

The FTC, the nation’s consumer protection agency, suggests these tips to help you avoid getting hooked by a phishing scam:

If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
Use anti-virus software and keep it up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Finally, your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that hackers or phishers could exploit.
Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
Report suspicious activity to the FTC. If you get spam that is phishing for information, forward it to [email=“[email protected]”][email protected]. If you believe you’ve been scammed, file your complaint at www.ftc.gov, and then visit the FTC’s Identity Theft Web site at www.consumer.gov/idtheft to learn how to minimize your risk of damage from ID theft. Visit www.ftc.gov/spam to learn other ways to avoid email scams and deal with deceptive spam.

_Sh3rY · May 24, 2005, 6:09pm

Re: [scam] A phising site

I have better way! That can decieve anyone!

Gizzy · May 24, 2005, 6:12pm

Re: [scam] A phising site

oh show me :halo:

TofiBaba · May 24, 2005, 6:44pm

Re: [scam] A phising site

Gizzy, they finally found your email address

Gizzy · May 24, 2005, 8:11pm

Re: [scam] A phising site

^-- lol

but they still cant phish my password

TofiBaba · May 24, 2005, 8:19pm

Re: [scam] A phising site

But u have to admit, they did entice you into atleast going there. So now they have your IP. One step at a time. :whistling

Gizzy · May 24, 2005, 8:31pm

Re: [scam] A phising site

they can have my IP. cant do any damage to me still. I am highly secured

Asif2000 · May 24, 2005, 8:51pm

Re: [scam] A phising site

What harm can they do from knowing the ip address, I wonder.

I once fell for an email, I admit. I am extremely cautious usually. If they can get me, they can get anyone.

What happened was I purchased something online via paypal by adding my credit card to the paypal account. And the next day I recieved this email…

We recently have determined that different computers have logged into your PayPal account, and multiple password failures were present before the login. One of our Customer Service employees has already tryed to telephonically reach you. As our employee did not manage to reach you, this email has been sent to your notice.
Therefore your account has been temporary suspended. We need you to confirm your identity in order to regain full privileges of your account.
If this is not completed by April 28, 2005, we reserve the right to terminate all privileges of your account indefinitly, as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner.
To confirm your identity please follow the link below:

https://www.paypal.com/cgi-bin/webscr?cmd=_login-run

Thank you for your patience in this matter.

PayPal - Customer Service

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.

So obvously, thinking that it is a ligit email, I clicked on the link. Entered my user id and password and it didn’t log me in. At that time, I was freaking out. I looked at the URL address bar and I noticed a URL that is not paypal’s URL. Then I looked at the actual URL behind the html link and it was NOT paypal’s either.

A few seconds later, I open another IE browser with correct paypal URL, entered my id and password, I was able to login. Thanks God I quickly recognized the problem and I was faster than the hacker in this situatin but not everyone can be lucky. I changed my password immediately. I also removed my CC from the paypal account just to be on the safe side.

One thing to always keep in mind… NEVER EVER ENTER YOUR ID/PASSWORD ON A WEBSITE WHICH YOU VISITED BY FOLLOWING AN HTML LINK IN AN EMAIL OR ON ANOTHER WEBSITE WITHOUT FIRST VERIFYING THE URL ADDRESS IN THE ADDRESS BAR.

Gizzy · May 24, 2005, 9:11pm

Re: [scam] A phising site

Oh crap.

well you learnt it (almost) the hard way.
But that is a VERY nice piece of advise. :k:

_Sh3rY · May 24, 2005, 11:18pm

Re: [scam] A phising site

not in public!

Gizzy · May 25, 2005, 7:25am

Re: [scam] A phising site

^-- We have PM facility here. and I receive them too

nos · May 25, 2005, 4:33pm

Re: [scam] A phising site

A false sense of security is the worst of vulnerabilities … that’s all I can say

btw; I got a similar email sometime back from 123greetings.com, and obviously the sender address was spoofed. It was an unprofessional one, cause it redirected me to some free PHP domain hosting site. I sent an email to the webmaster for that domain and after sometime the site was removed …

Tofi u remember this? I sent you the link for the site as well …

Gizzy · May 25, 2005, 4:59pm

Re: [scam] A phising site

^-- the sense is not false :P

Yeah I also reported the site to a a few authorities. lets see how long it survives.

5Abi · May 25, 2005, 5:12pm

Re: [scam] A phising site

the bottom line is why do u guys click on such fishy emails :P

Gizzy · May 25, 2005, 6:05pm

Re: [scam] A phising site

^-- beacuse it looked phishy to me :D

TofiBaba · May 25, 2005, 6:12pm

Re: [scam] A phising site

Sometimes its good to see people still out there trying
Maybe just to see if the dude had something new.

TofiBaba · May 26, 2005, 11:35pm

Re: [scam] A phising site

Here, just got this:

Dear valued PayPal. member:

PayPal. is committed to maintaining a safe environment for its community of buyers and sellers. To protect the security of your account, PayPal employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the PayPal system for unusual activity.

Recently, our Account Review Team identified some unusual activity in your account. In accordance with PayPal’s User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. This is a fraud prevention measure meant to ensure that your account is not compromised.

In order to secure your account and quickly restore full access, we may require some specific information from you for the following reason:

We would like to ensure that your account was not accessed by an unauthorized third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.

Case ID Number: PP-040-187-541

We encourage you to log in and restore full access as soon as possible.
Should access to your account remain limited for an extended period of
time, it may result in further limitations on the use of your account.

However, failure to restore your records will result in account suspension.
Please update your records on or before May 29, 2005.

Once you have updated your account records, your PayPal session will not be interrupted and will continue as normal.

To update your Paypal records click on the following link:

http://203.162.1.205/english/contactus/index.asp

Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account. We apologize for any inconvenience.

Sincerely,
Joan
PayPal. Account Review Department

That IP is still pingable. Let’s see who can crack it!

Mal1k · May 27, 2005, 12:18am

Re: [scam] A phising site

Sighhhhhhhhhhh, this is the $hit I was talking about tofi baba…remember that infamous case I told u several months back, that guy was a paki workin in Dubai Internet City…perhaps 1 day I’ll figure it out…till then :bhangra: