For the past few days, Geocities proved to be the most suitable playground for script kiddies and phishers. With many social engineering geocities websites popping here and there luring people to part with their user ids and passwords, it has not been a good ride for geocities.
Geocities is doing its best to pull down such attempts, but till now its all been futile. this was clearly visible when not one but three different geocities websites sported the yahoo login page. The websites became an instant hit with the college going students as the technologically challenged students (average internet user) thought this was an amazing prank to play on their co students. Little do they know the dangerous involved in this.
One of my not so good friends apparently thought it was funny to send me to those fake yahoo login pages. But one look at the URL told me what I needed to know. I hadn’t been to geocities for ages and so it was a nice touch to say “To look into the page please login with you yahoo id”. I put up a dummy password and user id and BAM! It worked.
Geocities must have got these reports too, cauze within a few days these sites were blocked. But now the phishers knew the potential of Geocities. Today Rajiv spotted a geocities account which looked exactly like the online home page of UTI bank. All these guys seem to be getting a similar mail claiming, UTI is shifting base and that once its relocated to its new home the users are required to login to confirm their accounts.
Rajiv knew at once this was an attempt at phishing one of the reasons being he didn’t have an account with UTI bank. Secondly, though the link in the email read something like utibank.co.in, when clicked upon it read geocities.in/bla bla.
But that is just the beginning. Once these phishers learn more about hacking, they will obfuscate the urls so that no one recognizes them.
A piece of advice to all you n00bs out there: Get firefox 2.0 which has an inbuilt efficient phishing detector which might help you with some of these sites (It how ever didn’t warn me against the UTI bank deal)
Click on image to enlarge and view firefox in action…
Note: No links were provided to the phishing site, because the author didn’t want to popularize them and drive more innocent traffic towards them. If you really want to follow up the sites then check Rajiv’s blog.
Related posts:
- Blogger, Typepad and Geocities blocked by certain ISPs in India Currently within 2 hours a set of popular ISPs in India have blocked access to blogspot.com, typepad.com and...
- Integrate flash in blogger I got the flash file from http://www.flashfoot.com. Here are the steps 1.) They give you 3 three files....
- Yahoo! Messenger 8 Beta Yahoo! have brought out the Beta version for their popular IM Client, Yahoo! Messenger 8. There are minor...
- Test Yahoo Beta with out invite Want to test Yahoo Beta? Here is a 2 minute step vice procedure to get what you want....
- Yahoo Starts Corporate Blogging On 1 august at 10:30 P.M yahoo officially started its corporate blogs. the first line of the first...
- Yahoo Time Capsule Yahoo time capsule is a nice concept to preserve our time and place… in the virtual world of...
- Appin International Summer Exchange Program 2006 Make your dream of foreign internship come true!!! Appin knowledge solutions brings its second International Summer Exchange Program....
- Yahoo! Tech It was Flickr, Now it is Tech. Yahoo is gearing up for what seems to be an eternal...
- Nuvvo Free On-Demand eLearning Do you look forward to teach a group of students, but are unable to find the right kind...
Blog
very thx