limbo Posted June 2, 2007 Report Share Posted June 2, 2007 Emails that try to get you to give up your bank details, credit card details, atm details etc, in general called phishing, if one opens such a link, is there any danger in the 'phisher' accessing info on your computer, just by clicking on the link provided in the email send to you? Link to comment Share on other sites More sharing options...
Weird Posted June 2, 2007 Report Share Posted June 2, 2007 Technically.. Yes. Depending what browser you use, what features (compromising security) you have on/off, etc. Realistically, the chances they are that the people phishing are that good.. no, but are you willing to risk it at all? I've crafted such types of links myself to see if they were possible. One such type of attack is a CSRF attack or XSRF attack. It tricks your browser into sending data with legitimate cookies from your computer to a legitimate site with whatever data they choose; allowing them to access websites YOU have access to with YOUR access. But again, the chances of getting hit by such an attack through an e-mail is very low. Now the chances of getting hit through that type of an attack through a forum.. the odds go up significantly.. yet I wonder how many people on this board are careful about the links they click Link to comment Share on other sites More sharing options...
limbo Posted June 3, 2007 Author Report Share Posted June 3, 2007 Cheers Wird, Thanks for the info. Clicked on such a link and it was a real cunning one, I thought I knew tham all! Emailo from my bank with all the right logo's etc etc in the right place. Had me going for a moment and I clicked the link but no more. Link to comment Share on other sites More sharing options...
shygye Posted June 3, 2007 Report Share Posted June 3, 2007 There is another type of scam, where people have put up websites with very similar names. papajohns.com papajons.com Be careful of your spelling! Link to comment Share on other sites More sharing options...
limbo Posted June 3, 2007 Author Report Share Posted June 3, 2007 Yep, There's pages that warn you for these scams, as listed on the Bank of Ayudhaya home page. He had an adress that had a Bank of Ayudhaya URL, it seemed, but putting the curses over it showed a very different URL. It looked like he real stuff. I'm gutted that I almost went for it. Link to comment Share on other sites More sharing options...
carlton68 Posted June 3, 2007 Report Share Posted June 3, 2007 IE7 and Firefox offer some protection against Phishing. This can't be 100 percent protection so better be careful. Better never click on any link in emails that should take you to your banks website (or paypal or whatever). If you do on-line banking or use paypal then create a bookmark to the site and only ever use these bookmarks. That might be not as convenient as clicking on a link provided in an email, but sure is safer. Link to comment Share on other sites More sharing options...
gene1944 Posted June 3, 2007 Report Share Posted June 3, 2007 One of my banks, recently asked me to add a personal question/quotation that appears on their home page whenever I open their site. If that comment does not appear when I access their website, it is not their official site. Not very sophisticated but it is at least a start. Link to comment Share on other sites More sharing options...
Weird Posted June 3, 2007 Report Share Posted June 3, 2007 Becareful, just highlighting your cursor over a link doesn't necessarily show the correct link. It is very easy to change the description of a link through html. For example: Your linked text Taken from: http://www.web-source.net/html_status_description.htm That would create a link to http://www.domain.com and whenever you highlight it, it would show "'Your text description" at the bottom left. Link to comment Share on other sites More sharing options...
limbo Posted June 7, 2007 Author Report Share Posted June 7, 2007 That's exactly what this guy did, other than that, he used the original pages lifted from the Bank of Ayudhaya website. Very cunning. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.