Catching "fish" in real life!

Discussion in 'other security issues & news' started by aigle, Jul 4, 2011.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Few days back I got a mail from one of my friends hotmail account, asking to see his pics I clicked the link and it opened a page that was a fake hotmail login page.

    hxxp://chairmanchairs. net/jextr/mynsn@ps.html

    I recognized the phish but after a while, as i was opening so mant tabs at a time. I did not login mainly as I had already logged in hotmail. But I realized that I use opera,s built-in password mananger and it will not login this page( a good reason to use a password manager).

    Also after very short time, i had noticed the address bar that was showing a wrong address and the different favicon immediately caught my attention too.

    I tried the same URL in chromium with BD Traffic Lite extension and it immediately caught the phish. Opera 11.11 and FF 3.6.1 n Ubuntu, no warning. IE 7 on windows 7 VM, no warning. Norton safe web- CAUTION about suspicios site with phishsing( stange that a phishing site must be marked dangerous rather than just caution! :thumbd: )

    Out of curiosity I tried some proven phishing links from phish tank and I noticed that BD Traffic Light is very smart in catching them. :thumb: So seems Norton safe web( though only caution) and Gdata( from VT). :thumb:

    I have a question though: Can the address bar show a spoofed address and favicon of login.live.com or hotmail.com instaed of phishing site address? If so, how one can detect such spoofing and phishing? Will a password manager help?

    Thanks
     

    Attached Files:

    • 1.png
      1.png
      File size:
      91.4 KB
      Views:
      1
    • 2.png
      2.png
      File size:
      81.8 KB
      Views:
      1
    Last edited: Jul 4, 2011
  2. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I loaded that up in chromium, and got the standard warning page "phising detected". Going there anyway shows exactly the same as you show.

    What does that mean? I have no plugin or extension or other security tool in place, only the browser.

    Sul.
     
  3. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    Must be built in, I have chrome the same thing happened.
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    yes, it seems builtin one from google. may be i did not get it ue to older version.
     
  5. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    It seems already offline.
     
Loading...
Thread Status:
Not open for further replies.