About

My Photo

Adsense


Add to Google Reader or Homepage

Subscribe in Bloglines

Subscribe in one go

  • Subscribe to RSS Feed

Your email address:


Powered by FeedBlitz

Google reader

Software worth checking out

  • ActiveWords
    Do everything without leaving the keyboard
  • Anagram
    Translates copied text into Contact, Calendar, Task, and Note items for Outlook, Palm etc
  • BlogJet
    Weblog client for Windows that allows you to manage your blog without opening a browser.
  • ConnectedText
    Intriguing Wiki-based organiser
  • Copernic Desktop Search
    Great alternative to Google's or Microsoft's offering for searching your PC. Simple and unobtrusive
  • Courier Email
    Great email program
  • DtSearch
    Text Retrieval / Full Text Search Engine
  • ExplorerPlus
    Organize and manage all your system files and folders
  • Gmail
    Webmail that really works. Great for catching spam too.
  • Google Deskbar
    Search with Google from any application without lifting your fingers from the keyboard.
  • Google Earth
    Zip around the planet and see things differently
  • Google Reader
    Best online RSS reader I think there is out there
  • Google Talk
    Chat online and make free internet calls
  • Jot+
    store all of your notes and information in an easy-to-use outline
  • Mindjet
    The mindmapper of choice.
  • MSGTAG - MessageTag
    Email receipt alert
  • MyInfo
    free-form information organizer
  • NoteTab
    Great text and HTML editor
  • PersonalBrain
    If you've ever wanted to organise your information in a way that's different, try this. Worth spending time on mastering
  • Process Explorer
    Not too geeky way to figure out what software is slowing down your computer. Just keep it running for a while and the culprit will become obvious.
  • Safari
    Surprisingly fast browser -- and for Windows too.
  • Skype
    Dump those phone bills
  • SpaceMonger
    Keep track of the free space on your computer via treemaps
  • Stick
    Post-It note-like tabs to store text, folders etc that cling to the edge of your screen
  • SuperNotecard
    Great for authors and writers organizing their thoughts
  • TaskTracker
    Lists recent documents by type for easy access
  • Text Monkey
    Easily clean copied text
  • Trillian IM Clients
    Gathers all your instant messaging accounts in one window
  • UltraMon
    Increase productivity and unlock the full potential of multiple monitors.
  • Vyooh DiskView
    Visually see disk space usage in Windows Explorer
Blog Widget by LinkWithin

« Searching For The Perfect NewsReader | Main | Heart Embraces File Sharing »

July 20, 2004

The Continuing Marvels Of Phishing

I continue to marvel at phishing attacks, and how they tweak themselves just enough to make you wonder hard about whether you can afford to ignore them.

Take this one for example. Simple text email, no fancy graphics. But the URL looks real enough, the text makes you wonder whether someone has tried to access your eBay account -- causing you to think you should follow the link, just in case.

Dear eBay member,

Thank you for submitting your change of e-mail address request.
Instructions on completing the change have been sent to your new email address.
Once the process is completed, your eBay-related email will no longer be routed to
this email address.

Change of E-mail address request was made from:
IP Address: 201.188.117.10
ISP Host: cache-dtc-ae11.proxy.msn.com

If you or anyone with authorized access to your account did not make this change,
please go to review your sign ininformations:

          http://billing.request-ebay.com

***Do Not Reply To This E-Mail As You Will Not Receive A Response***

Thank you for using eBay!

eBay Account Management

Having SpoofStick and other similar anti-phishing tools won't really help you here, because they'll just show you're visiting request-ebay.com, which could be real enough. Even checking the WHOIS information isn't that helpful, since the information there is no more or less suspicious than registry information of other legitimate sites. Even the website itself, request-ebay.com, looks normal enough.

The only real clue is in the language, which doesn't make a lot of sense (why would the change of email address be sent to your new email address for verification?) errors ('sign ininformations'; no proper addressee 'Dear eBay Member'; the email address being one I know is now in the hands of 'Nigerian' scammers), and in the fact that if you should actually visit the link, you'll be asked, without further ado, to enter your credit card information.

What I'd like to know is: Why do registrars still allow these kind of domains to be registered, why is the site still active, and why don't eBay do a better job of policing these kind of sites? Surely it's not too hard to monitor these eBay-linked domain name registrations?

Posted on July 20, 2004 in Scams, Security |

Digg This | Save to del.icio.us

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8341c5af153ef00d8353b93f569e2

Listed below are links to weblogs that reference The Continuing Marvels Of Phishing:

Comments

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Loose Wire search

Recent Posts

Recent Comments

Categories

Subscribe to my Podcast

Eco-Safe

Categories

Rank

  • Wikio - Top Blogs - Technology
Blog powered by TypePad
Member since 12/2003

Facebook

  • Blog Network:
    Blog Networks

A Directory of...

ten mov.es

tenminut.es