Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Danger - Phishing ahead » Don't trust the Lock icon either!
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Post a:
Post a:
AuthorAll Replies


justin
Australian
join:1999-05-28
Brooklyn, NY

Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech
reply to Googled
Re: Don't trust the Lock icon either!

thats cute. I figured there would be creative use of redirectors.

I mean - you could post one of those "Special offer" links, the ones that nobody expects to look correct because they are long and have affiliate pay-on-click codes in them? - and then redirect to a phished version of SBC DSL signup page and keep them within it. Then collect credit card numbers for days before the victims noticed.
to forum · permalink · · 2003-12-12 17:48:59 · Reply to this


Googled
Yay, I have FIOS

join:2001-08-13
Orchard Park, NY
·VoicePulse

 reply to justin
I was thinking some more about this bug and I came up with an even scarier usage.

Using the Apache "Redirect" directive you can phish an entire site! Just put this into your httpd.conf!


Redirect /test "http://www.domainyouwant.com^A@www.domainyouhave.com"


Now anyone who visits www.domainyouhave.com/test will be redirected to the phished site! Doing this makes IE automatically modify EVERY link on the page to a phished version!

--
DirecWay DW3000 DRS, SatMex 5 1170 gateway 164, P3-533/256 MB, AOL+ 7.0 4114.10712 on 98SE w/ICS,shared to 2 x 2K Pro, 1 x Redhat Linux 7.3, 1 x Netgear 802.11b
to forum · permalink · · 2003-12-12 17:43:22 · Reply to this
Forums » Danger - Phishing ahead

Saturday, 05-Dec 15:54:07 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [147] Avast Antivirus Has Gone Mad
· [127] Comcast Makes NBC Universal Acquisition Official
· [104] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [99] The Bandwidth Hog Does Not Exist
· [85] FCC Ponders Moving From PSTN To IP Voice
· [81] Latest Consumer Reports Survey Not Kind To AT&T
· [80] New Bill Aims To Limit ETFs
· [74] Sprint Defuses GPS Privacy Media Bomb
Most people now reading
· False positive in Avast! or is it real? [Security]
· Wife might have to work in.... Iowa for a few months!!! [General Questions]
· Windows 7 boot manager editing questions [Microsoft Help]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· First commercial tool to crack BitLocker arrives (Updated) [Security]
· What is the spell hit cap for a lvl 80 full arcane spec mage [World of Warcraft]
· DNS options, what are YOU using? [TekSavvy]
· Farewell [Bell Canada]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]