 amark
join:2001-02-09
94045 | Facebook-Email Telling Picture on Album 32 dot Com? Scam??? Received an email from Facebook Friend stating:
"go to album 32 dot com and search"had my name", then click on first photo. I bet you didn't remember that, eh?"
Did that and saw a photo-strange. Then I did a search for album 32 dot com and saw thread on yahoo that a scam to retrieve password.
Did a scan with MSSE and nothing, but said a scam to get password. I did change password, but is there any other concerns I should be aware of?
Advice appreciated, thanks!
--
Love That SpongeBob! Great Forum |
|
| reply to amark
Re: Facebook-Email Telling Picture on Album 32 dot Com? Scam??? Trick is old as the world, fake facebook login page to get your user/pass for facebook. |
|
amark
join:2001-02-09
94045 | Well new to me-I changed the email ASAP.
Are there any other concerns having that password?
Security Issues or anything I might be missing?
Thanks.
--
Love That SpongeBob! Great Forum |
|
 sivranOpera convertPremium
join:2003-09-15
Arlington, TX
kudos:1 | reply to amark
Every email is a scam, phish, or malware lure until proven otherwise.  |
|
 Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | reply to amark
It did not come from your friend..others are also getting it and contacted the friend and they said" no not from me" |
|
amark
join:2001-02-09
94045 | reply to amark
OK-Could someone let me know if there are any other concerns besides getting my password?
--
Love That SpongeBob! Great Forum |
|
|
|
Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | Album 32 dot Com is now down...
This is a phishing scam designed to capture your Facebook login ID and password.
When you go to the website, it redirects you to a fake FB login page with a cleverly faked URL in the address bar -- both designed to look very much like the real FB page.
As soon as you "logged in" there, the scammers captured your login information.
Log into the REAL Facebook directly -- by typing www.facebook.com -- and change your password ASAP.
Edit: Even if you received this from a "trusted source" or "trusted friend" via Facebook message, then they have already had their account compromised.
Also people that were already logged into facebook when they went to the fake login..it of course asked them to login again..that tipped many off it was fake.
Question for you..do you have a yahoo email account and that is where you got this phishing email ? Asked because I sure see a lot of yahoo users complaining about this one..so maybe that is the connection.
--
Gladiator Security Forum
»www.gladiator-antivirus.com/
|
|
amark
join:2001-02-09
94045 | What do they do with the password?
I am curious if there is anything else they do with the password or account.
Are there any other security issues to be concerned about?
How did they get my email address as well.
Thanks for info.
--
Love That SpongeBob! Great Forum |
|
Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7
1 edit | This is the fake site album32.com..don't go to it and login to your facebook...answer my question about if you have a yahoo email account above.
Are you using the same password for multiple site and your email login ? |
|
Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | reply to amark
You can read more about it here....
»facecrooks.com/Scam-Watch/hey-go···cam.html |
|
 SnowymIRC unix.ro UnderNetPremium
join:2003-04-05
Kailua, HI
kudos:6
 ·RoadRunner Cable
 ·Clearwire Wireless
| reply to Name Game
said by Name Game:This is the fake site album32.com..
The album32.com site isn't hosting any phish content, It's a redirector to the phish page. The site hosting the facebook phish is actually hxxp://www.facebook.com.login.php-profile-signin-gkmeydlw.ihtts.com/index.php?s=dot WHOIS Data - IHTTS.COM Service Provided By: Center of Ukrainian Internet Names Website: » www.ukrnames.comContact: +380.577626123 Domain Name: IHTTS.COM Creation Date: 11-Oct-2012 Modification Date: 11-Oct-2012 Expiration Date: 11-Oct-2013 Domain servers in listed order: ns1.bluehostingsolutions.com ns2.bluehostingsolutions.com Registrant: Vladislav Petrenko altsrv@gmail.com 127020, Moskva, Marksa, 237, 93 Moskva, 127020 UKRAINE +7.9072351981 Billing Contact: Vladislav Petrenko altsrv@gmail.com 127020, Moskva, Marksa, 237, 93 Moskva, 127020 UKRAINE +7.9072351981 Administrative Contact: Vladislav Petrenko altsrv@gmail.com 127020, Moskva, Marksa, 237, 93 Moskva, 127020 UKRAINE +7.9072351981 Technical Contact: Vladislav Petrenko altsrv@gmail.com 127020, Moskva, Marksa, 237, 93 Moskva, 127020 UKRAINE +7.9072351981 |
|
Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | Exactly that is why it is a fake site..and this link posted above explains the redirect.
»facecrooks.com/Scam-Watch/hey-go···cam.html |
|
Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | reply to Snowy
Yes! Site Ihtts.com now online.
www.ihtts.com
Rating:
2.5/5.0 Stars by StatsCrop
\
Ihtts.com IP address is 31.192.109.216, and its server is hosted at India. The server distance from you is 12,721.75 km (7,904.93 miles). Last updated on Tue, 16 Oct 2012 03:58:15 GMT.
Site Title: ihtts.com
IP Address: 31.192.109.216 [Trace] [Reverse]
Server GEO: Latitude: 20° North / Longitude: 77° East / Distance: 12,721.75 km (7,904.93 miles)
Server Location: India
DNS Records Analysis
ihtts.com has address 31.192.109.216
www.ihtts.com has address 31.192.109.216
Websites Hosted On Same IP Address Analysis
The server IP address of Ihtts.com is 31.192.109.216, we have found 6 websites hosted on this server.
You also from here to view more infomations, or view websites hosted at the same network as Ihtts.com from here.
Rank Domain IP Address
#1,681,344 photo1998.com IP address: 31.192.109.216
#4,424,650 album92.com IP address: 31.192.109.216
#2,535,578 albums96.com IP address: 31.192.109.216
#11,508,184 albums99.com IP address: 31.192.109.216
n/a stphtm.com IP address: 31.192.109.216
n/a album32.com IP address: 31.192.109.216
»www.statscrop.com/www/ihtts.com
--
Gladiator Security Forum
»www.gladiator-antivirus.com/
|
|
Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | reply to Snowy
The last scam like this back in May 2012 used this site
»www.statscrop.com/www/loginhtn.com |
|
SnowymIRC unix.ro UnderNetPremium
join:2003-04-05
Kailua, HI
kudos:6 Reviews:
·RoadRunner Cable
·Clearwire Wireless
| reply to Name Game
said by Name Game:Exactly that is why it is a fake site..and this link posted above explains the redirect.
Not busting your b's at all but there are a few accepted terms used to describe phishing components
The site "album32.com" isn't a 'fake' site.
It's acting as a 'redirector'.
A redirector redirects to either another redirector or to the actual phishing page.
album32.com = 'redirector' or 'redirector page'.
Whereas .ihtts.com/index.php?s=dot is the 'fake' page or preferably referred to as the 'phishing page'.
One reason making the distinction between a redirector & a phsh content host matters is that different approaches will made regarding whether a page is a redirector or a phish content host. |
|
Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | It's fake..  In fact it is a fake thingie. And people that get hit with it could care less what the mechanic calls it..
»www.mywot.com/en/forum/18626-fac···7411#new
fake 1 (fk)
adj.
Having a false or misleading appearance; fraudulent.
n.
1. One that is not authentic or genuine; a sham.
»www.thefreedictionary.com/fake
and ihtts.com is not fake..it is up and running and doing it's thing
--
Gladiator Security Forum
»www.gladiator-antivirus.com/
|
|
SnowymIRC unix.ro UnderNetPremium
join:2003-04-05
Kailua, HI
kudos:6 Reviews:
·RoadRunner Cable
·Clearwire Wireless
| said by Name Game:It's fake.. In fact it is a fake thingie. And people that get hit with it could care less what the mechanic calls it..
Ok, I tried.  |
|
