Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

You're Doing It Wrong


  • Please log in to reply
7 replies to this topic

#1 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,256 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:04:18 AM

Posted 10 December 2007 - 08:36 AM

Back in the previous century, I, a young lad at the time, opened a Yahoo! mail account. Over the years this account moved from being my main e-mail account to my "throwaway" account for putting in online forms. As a result, this account (now going on 9 years old!) gets literally thousands of spams a day. To Yahoo's credit, 99% of the chaff is successfully separated from the wheat and gets sent to the bulk mail folder.

Today I received, as I do quite often, a "question from a buyer" e-mail purporting to be from ebay.

I haven't used ebay in at least 2 months, nor sold anything in almost a year. So I knew it to be faked.

Curious as to the current state of the phishing art, however, I spared the message from the bin and opened it. A well done job making it look official, it even had an "@ebay.com" return address.

My respect (if that is the right word) for the phisherman was quite high. Not only had they been able to fool Yahoo's filters, a feat onto itself, but had done a superb job of forgery.

Until I clicked on the link.

I'm not sure if it's my mail client or Firefox (I think its Firefox) but the 287 character URL made Firefox unhappy and didn't work. So I plugged it into IE (using the IE Tab Extension for FF) and this is what I got:
Posted Image

Long story short, it's probably not a good idea to remind the people you're trying to scam on how to detect that they're being scammed. but that's just my opinion...

BC AdBot (Login to Remove)

 


#2 Juha

Juha

  • Members
  • 512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England
  • Local time:12:18 PM

Posted 10 December 2007 - 09:32 AM

Excellent stuff... Probably a novice phisherman still in the early stages!

#3 Andrew

Andrew

    Bleepin' Night Watchman

  • Topic Starter

  • Moderator
  • 8,256 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:04:18 AM

Posted 10 December 2007 - 09:52 AM

"We now observe the young Crookus phishia in its natural habitat. Notice the extremely small skull, resulting in diminished cranial capacity. Unlike its cousin, the Leech Faced Cracker (Crookus noirhat), the Crookus phishia is a filter feeder, only devouring that which comes to it. In this regard, it is similar to other invertebrates such as the sea sponge (Raphidonema faringdonense) and the parasitic Nigerius forninten"

#4 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:07:18 AM

Posted 10 December 2007 - 10:53 AM

RE Post #3...

Too funny there AA.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:18 AM

Posted 10 December 2007 - 04:10 PM

Nice one AA, those things give me a haddock :thumbsup:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 JacksonT

JacksonT

  • Members
  • 105 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver, WA
  • Local time:04:18 AM

Posted 11 December 2007 - 12:41 AM

I told him not to put that part in the e-mail but he just had to be perfect....wait did I just say that out loud uh-oh.


also nice photoshop work

Edited by JacksonT, 11 December 2007 - 12:42 AM.


#7 Andrew

Andrew

    Bleepin' Night Watchman

  • Topic Starter

  • Moderator
  • 8,256 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:04:18 AM

Posted 11 December 2007 - 12:45 AM

also nice photoshop work


The only editing done was to reduce filesize and to add the red box, arrow, and text. Everything else was done by our dear friend the phisherman.

#8 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:07:18 AM

Posted 11 December 2007 - 06:08 AM

Chuckle, Sometimes perfection is our downfall.

Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users