Geocities – A playground for phishing

Posted by levoltz on November 8, 2006 in How-To | 1 Comment

For the past few days, Geocities proved to be the most suitable playground for script kiddies and phishers. With many social engineering geocities websites popping here and there luring people to part with their user ids and passwords, it has not been a good ride for geocities.

Geocities is doing its best to pull down such attempts, but till now its all been futile. this was clearly visible when not one but three different geocities websites sported the yahoo login page. The websites became an instant hit with the college going students as the technologically challenged students (average internet user) thought this was an amazing prank to play on their co students. Little do they know the dangerous involved in this.

One of my not so good friends apparently thought it was funny to send me to those fake yahoo login pages. But one look at the URL told me what I needed to know. I hadn’t been to geocities for ages and so it was a nice touch to say “To look into the page please login with you yahoo id”. I put up a dummy password and user id and BAM! It worked.

Geocities must have got these reports too, cauze within a few days these sites were blocked. But now the phishers knew the potential of Geocities. Today Rajiv spotted a geocities account which looked exactly like the online home page of UTI bank. All these guys seem to be getting a similar mail claiming, UTI is shifting base and that once its relocated to its new home the users are required to login to confirm their accounts.

Rajiv knew at once this was an attempt at phishing one of the reasons being he didn’t have an account with UTI bank. Secondly, though the link in the email read something like utibank.co.in, when clicked upon it read geocities.in/bla bla.

But that is just the beginning. Once these phishers learn more about hacking, they will obfuscate the urls so that no one recognizes them.

A piece of advice to all you n00bs out there: Get firefox 2.0 which has an inbuilt efficient phishing detector which might help you with some of these sites (It how ever didn’t warn me against the UTI bank deal)

geocities phishing

Click on image to enlarge and view firefox in action…

Note: No links were provided to the phishing site, because the author didn’t want to popularize them and drive more innocent traffic towards them. If you really want to follow up the sites then check Rajiv’s blog.

Share

Related posts:

  1. Blogger, Typepad and Geocities blocked by certain ISPs in India
  2. StumbleUpon
  3. Swarm – A new way to Browse the Web
  4. Yahoo! Messenger 8 Beta
  5. Firefox 2.0 is out!
Tags: ,
Subscribe to Comments RSS Feed in this post

One Response

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*

Get Adobe Flash playerPlugin by wpburn.com wordpress themes