Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Obfuscation For Fun And Profit

  • Please log in to reply
No replies to this topic

#1 Security Geek

Security Geek

  • Members
  • 39 posts
  • Local time:08:09 PM

Posted 11 July 2006 - 08:42 PM

Can you tell me where this link takes you? www.PayPal.com. If you think you know the answer you're probably wrong. Even the gibberish on the end isn't what it appears to be. Its safe to click on it, but you would never know by looking.

Ok, we just had the fun part of this discussion. The profit part is done by those phishing for information. Google, Yahoo, and a number of other websites are making it far to easy for phishers and those distributing trojans to hide where a link, button, or graphic takes you. Viewing the source or floating your cursor of a link doesn't help. I wrote an article on how this works and why these search engines need to fix the problem. You can read it at: NIST.org (that's a real link btw :thumbsup: :-) ) Be sure to come back to BleepingComputer to comment.

btw: A real phishing scheme would take you to a compromised computer where they've started a webserver (a home computer on a DSL connection would work just fine) and immediately redirect you (again) to a clean looking URL (using redirection from that webserver). The page would look just like PayPal or some other online financial company. Where you would then be prompted to login. Most of these sites just collect your login information and then feed you a page saying the 'server is currently down, please try again later', so you don't get wise to them. Or they can then redirect you to the real PayPal login screen so you can login normally. That way you don't get the least bit suspicious that the previous attempt was phoney. Either way they now have your login information and can clean you out rather quickly. That's why these major search engines need to clean up their act and fix their redirection routines. Currently its far to easy to fake who you are. What I've described above is already happening, a lot.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users