Topic: WARNING: Phishing links....

Offline Gutty

  • Administrator
  • Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!
  • Posts: 1,697
Okay so I have decided to put this up to help you know what to look for when it comes to phishing attempts.

Use this thread to view, or add to.  so you can let others know about them too.


REMEMBER NOT TO CLICK ON ANY LINKS!!!

Posted: December 03, 2014, 08:28:11 pm

Offline Gutty

  • Administrator
  • Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!
  • Posts: 1,697
Quote
Never tell your password to anyone.
beneaston: add this guy for trade,he just can't add you for some reason...
http://staemcommuniti.com/id:/76561198034214672
Gutty.OP (ᴳѕ) |PsYCo|: get fucked
beneaston is now Offline.
beneaston is currently offline, they will receive your message the next time they log in.
Gutty.OP (ᴳѕ) |PsYCo|: find a real fucking domain name

Reply #1 Posted: December 03, 2014, 08:28:46 pm

Offline Apostrophe Spacemonkey

  • Fuck this title in particular.

  • Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!Apostrophe Spacemonkey is awe-inspiring!
  • Posts: 19,050

Reply #2 Posted: December 03, 2014, 09:14:28 pm

Offline Gutty

  • Administrator
  • Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!Gutty is leading the good life!
  • Posts: 1,697
what?? no fish and game??

Reply #3 Posted: December 03, 2014, 09:32:14 pm

Offline Lias

  • Administrator
  • Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!
  • Posts: 3,975
Just for shits and giggles and as I have a semi professional interest in computer security I had a play with the phishing site. Reasonably good facsimile of steam, every link on the pages redirects you to a login prompt which will fairly obviously be a keylogger, but not content with that it pops up a decent look alike of the "Steam Guard" 2FA window, that indicates that as an added security measure to access Steam from this PC you will need to download the latest SteamGuard.exe tool and install it. Doing so would be a terribly bad move because it installs a particularly nasty backdoor trojan.

Not the usual bad spelling phishing site, some effort went into this, the default page and the 404 are all redirected to a steam themed "Website under Construction" page.

PS: I did this all in a VM which is going to be reverted afterwards, not from my home PC, and any login credentials used were blatently fake :-)

Reply #4 Posted: December 03, 2014, 10:56:30 pm

Offline Lias

  • Administrator
  • Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!Lias is awe-inspiring!
  • Posts: 3,975
Also worth noting if you use a smart password manager like LastPass, it helps stop this sort of shit, as it won't recognise the fake domain as a valid domain for those credentials unless you explicitly go in and add it as an equivalent domain.


Reply #5 Posted: December 03, 2014, 11:16:34 pm
Pages: [1]