Someone tried to phish me...
I’m kind of surprised that this hasn’t happened more, but I got my very first phishing attempt in my inbox this morning…
Check this out:
(click on the image for more detail)
This appears to be a message from ebaY. But it’s not. The link seems honest enough, http://signin.ebay.com, but since HTML mail has a lot of presentation power, links can be deceiving.
Hovering your mouse over the link shows a very different destination address. Notice the yellow address below the blue link in the screenshot. If you click on that link, you will be brought to a fake ebaY site. Some users may happily enter their account information, including their password. This information is then sent right to the thieves who go and use your account as they wish.
This kind of phishing can be used for any web site, not just ebaY. It will also work on Windows, Mac, and Linux users since it doesn’t rely on any specific technology other than HTML mail. Be careful!
I recommend that anyone reading this download and install spoofstick, which is a free extension to IE and Firefox that will always reveal such URL inconsistencies in a very clear manner.
Comments
Yeah those suck. I've got a couple; now, in OS X Mail, I show Full Headers and right in plain sight is the revealing fact that the email originated from a .ru or .tw domain name. That tips me off right away :)
Posted by: Tim Germer | September 12, 2005 7:50 PM