Warning MAJOR Scam

[fbastos]

You can't even tell by looking at the address bar:

Oh, these guys managed to place a fake URL on the address bar! Not so dumb scammers...

/renews respect for not-so-dumb scammers
/still hopes the FBI will catch them and send them to Guantanamo Bay

F.

[Bodhi]

ORIGINAL: fbastos
Oh, these guys managed to place a fake URL on the address bar! Not so dumb scammers...
F.

Not really, there's a well-known flaw in MS IE (which I assume many people use) which allows an incorrect URL to be shown in the address bar. I guess MS should have fixed it by now, but you can check if your browser is affected at this site http://secunia.com/internet_explorer_ad ... fing_test/

[Ron Saueracker]

ORIGINAL: Nikademus

there's a real easy foolproof way to ID the real mccoy vs the hacker sites.

I'll share my inside knowledge to the first 50 people who PM me their ATM pin #'s......

ACT NOW!

Teehee![:D][&o]

[Bill Durrant]

Guys

I spent a number of years investigating these type of scammers. The majority originate from West African 419 scams - they've just moved on from faxes to e-mail.

If you want to see some great, legal, retribution log on to

www.419eater.com

Make sure you click the important link that will alleviate you of any worries about racist overtones

Enjoy!

[strawbuk]

ORIGINAL: Bodhi

ORIGINAL: fbastos
Oh, these guys managed to place a fake URL on the address bar! Not so dumb scammers...
F.

Not really, there's a well-known flaw in MS IE (which I assume many people use) which allows an incorrect URL to be shown in the address bar. I guess MS should have fixed it by now, but you can check if your browser is affected at this site http://secunia.com/internet_explorer_ad ... fing_test/

@ Bodhi
And that link set my IT helpdesk alarm bells ringing why...?

[Bodhi]

Don't know why, I'm pretty sure Secunia are a bona fide Danish IT security firm.

The test is just a page with a link showing as www.microsoft.com, and the URL contains a %00 after the www.microsoft.com (and a non-printing character to blank the rest of the line), after which comes the real URL, the Secunia page URL again. If your browser is vulnerable, you'll see www.microsoft.com both in the status bar if you hover over the link, and also in the address bar if you click the link. Maybe your IT desk looks for the classic spoofing "%00" in the address?

BTW, I've just tested it in a version of IE with the latest patches and it seems to display the full URL when you hover over the link and page not found on click. There is another javascript test on the site where you can get www.yahoo.com in the address bar, but a Secunia page displayed. This one's a bit more obvious though as you get the yahoo page displayed for a short time before the Secunia page. The first problem was around for ages before MS finally fixed it, I just wonder how many people aren't aware of it and don't have updated versions of MS IE.

[Captain Cruft]

<Blatant plug>

You can avoid many of these browser security problems by using the Firefox browser.

http://www.getfirefox.com

</Blatant plug>

P.S. I would never under-estimate the ignorance of the average Internet user. It's a problem that will only go away as the more computer aware younger generations grow up ...

[Bobthehatchit]

ORIGINAL: Ron Saueracker

Let's get pissed and go get 'em![:D]

You get the pickup truck and i'll get ma shot guns!

[Admiral DadMan]

ORIGINAL: Captain Cruft


P.S. I would never under-estimate the ignorance of the average Internet user. It's a problem that will only go away as the more computer aware younger generations grow up ...

You're forgetting this: "There's a sucker born every minute."

These email "phishing" scams are the easiest ones to propogate. When they get into actual site hijacking (via poisoning a DNS Server or BGP router) is where the fun really begins.

[freeboy]

Things thatmake you want to see public executions for high crimes

[Toro]

ORIGINAL: fbastos
I'm no network specialist, but I thought that when you buy a domain like "citibank.com", then you would have control over the DNS entries on that domain (like a.citibank.com, xyz.citibank.com, gugu.gaga.citibank.com, etc...).

Unfortunately, this isn't always how it words. Depending on the variation, each can be a separate domain purchase, and when you consider how many variations there are, the price tag goes up real fast. I don't know of one company that does this. Now, legally, a company can send a cease-and-desist order to force someone to stop using their name when it will have negative impact on their brand, but, well, try to coerce the scammers in another country... they could care less.

Mostly, surfers just need to be smart. Don't give nobody no access information over the web, especially ATM/bank card stuffs.

I've reported things like this to the Secret Service and Postal Inspectors (oddly, the two groups involved with identity theft here in the US), but I think they're buried with the number coming in.

[SpitfireIX]

I got the CitiBank one at my work e-mail. I told my boss about it in light of the number of co-workers I have who ignorantly activated the last e-mail virus we got. She told me that our IT dept. doesn't bother to do anything about SPAM. [8|]

[Jaws_slith]

ORIGINAL: Kid

If you get an e-mail telling you that you've won a free game, delete it. This is what I just got in the mail. Almost fell for it because they duplicated the company's web site to the letter.

POINT OF ATTACK 2
The most comprehensive and detailed modern combat simulator ever created.
POA2 is a modern tactical level simulation that depicts combat at the platoon and individual vehicle level. By Scott Hamilton.

First top 50 customers get FREE and you are one of them

The most comprehensive and detailed modern combat simulator ever created.
POA2 is a modern tactical level simulation that depicts combat at the platoon and individual vehicle level. By Scott Hamilton.
First top 50 customers get FREE and you are one of them

Same here and stopped at the same time... but I didn't realize it was a trap. Thanks for you info[&o]

[Cap Mandrake]

Just to let you know not everything is a scam...I got this email from a former government official in Nigeria who had this big Swiss account but he couldn't get to it because he needed some "earnest money" or something like that. So I electronically transferred $2500 to an account in Zurich and any day now I should be getting a 6 or 7 figure check. He seemed really thankful too.

I'm thinking of getting a vacation condo in Cabo San Lucas [8D]





[;)]

[Feinder]

(* points to location *)

And I am so thankful for it Capt. Mandrake! You'll be getting your check any day now!

-F-

[Sonny]

ORIGINAL: Kid

They gave me a number and a link. When I used the link, it took to to a Web site that looked like the real thing. I was entering information into the form but stopped when they asked for my ATM PIN #. Next I used my favorites to go to the the real site and they have a BIG warning posted not to fall for the scam.

So, did you get the free game??[:D][:D][:D]

As soon as I see the word FREE I delete email without even looking at anything else.

[donkuchi19]

ORIGINAL: Tankerace

You'd think Hackers would finally realize that not everyone on the net is a complete idiot.... oh well, maybe someday.

Unfortunately, there are enough people that are idiots to keep them in business. If someone sent out 5,000 e-mails and got two responses that netted $5,000, that would keep them in business for a while.

[donkuchi19]

I have also been getting the same phishing scheme about Sun Trust Bank. That was an easy one to figure out because I have never had an account with them.

[Cap Mandrake]

ORIGINAL: Feinder

(* points to location *)

And I am so thankful for it Capt. Mandrake! You'll be getting your check any day now!

-F-

Great! You are without doubt one of the nicest Nigerians I have ever met. I will add you to my Christmas list [;)]

[siRkid]

ORIGINAL: Sonny

ORIGINAL: Kid

They gave me a number and a link. When I used the link, it took to to a Web site that looked like the real thing. I was entering information into the form but stopped when they asked for my ATM PIN #. Next I used my favorites to go to the the real site and they have a BIG warning posted not to fall for the scam.

So, did you get the free game??[:D][:D][:D]

As soon as I see the word FREE I delete email without even looking at anything else.

I was taken in because I do buy their games and the web site looked just like their's. An the promotion was for the first fifty, like raido stations sometimes do. I'm just glad my don't trust anything for free switch kicked in when it did. LOL