Just thought of a way to scam... security threat...

DrPizza

Remember the worms/viruses that changed the hosts file so that when you typed in www.google.com or yahoo or several other common sites, it caused it to redirect to a different page other than the page you were seeking?

Uhhh, what if someone did that, but instead of redirecting google or yahoo to a porn site, the hosts file directed ebay, paypal, or any number of bank pages to fake sites set up to mimic the real sites.

Thus, rather than getting an email (which most of us recognize immediately as a scam) that wants us to click some link and put in all our credit card information, the scam would rely instead on someone sincerely thinking they were going to www.ebay.com or paypal, or wherever. Then, I doubt most people would become suspicious if they were asked to re-enter their credit card information.

I hope someone here knows of a way to prevent this from happening.

(crossposted to Software... didn't know where else to post security issues)
 

Argo

This won't work if the site is secure. Always check for yellow lock icon prior to entering your password.
 

DrPizza

I'm not exactly sure what you mean... couldn't the scumbags who pull off these scams set up a secure site that mimics ebay's real site? Heck, they could even serve as a proxy server of sorts... allowing a person to view the real ebay pages through their site. Then when someone bid on an item, while they thought ebay was receiving their CC info, they could be handing it over to the scammers.

(granted this is a much more sophisticated level of scamming, especially if all the words are spelled correctly :D, than a simple grammatically incorrect and poorly spelled email that asks the user to click on a link that seems to go to a fake site. They have been getting the fake sites to look pretty convincing though.)
 

Argo

Certificate name has to match the server name. Otherwise you'll get a warning.
 

DrPizza

That's a good point. But, if they didn't do it as a secure site, I'm thinking they'd still be able to fool the average computer user.
 

BillGates

Most average puter users just click yes anyway - I could definitely see this happening.
 

DrPizza

Wow, not many replies in this thread... I'll bet you're all out there frantically coding away, trying to release the first virus that redirects ebay attempts to your own scam pages :p
I'm not worried about myself... but I bet my wife would fall for it... my parents would fall for it...
 

SagaLore

Originally posted by: Argo
Certificate name has to match the server name. Otherwise you'll get a warning.

An alternate domain could get a valid certificate for their domain, then no warning would appear.

DrPizza, you are absolutely right - I haven't seen this happen yet, but I'm really surprised it hasn't.
 

hevnsnt

lol... Or you could do one of those image scams.. That makes it appear that you are at paypal with a secure connection.
 

Argo

Originally posted by: SagaLore
Originally posted by: Argo
Certificate name has to match the server name. Otherwise you'll get a warning.

An alternate domain could get a valid certificate for their domain, then no warning would appear.

DrPizza, you are absolutely right - I haven't seen this happen yet, but I'm really surprised it hasn't.

Since they're changing the hosts file the url would still read: www.paypal.com. The certificate would be for some other site, for example www.iamadirtyscammer.com. IE would detect that and warn the user. Also the problem with getting a certificate is that you have to provide enough documents to make it easy to track you.
 

DrPizza

But, if they use the image scans, that include the URL, the unsuspecting user will *see* https:\\ at the top of the page. Thus, there would be no need for certificates.
 

Adul

Originally posted by: DrPizza
Wow, not many replies in this thread... I'll bet you're all out there frantically coding away, trying to release the first virus that redirects ebay attempts to your own scam pages :p
I'm not worried about myself... but I bet my wife would fall for it... my parents would fall for it...

Change your host file to read only then :)

also be sure to have up to date antivirus software.
 

DrPizza

Originally posted by: Adul
Originally posted by: DrPizza
Wow, not many replies in this thread... I'll bet you're all out there frantically coding away, trying to release the first virus that redirects ebay attempts to your own scam pages :p
I'm not worried about myself... but I bet my wife would fall for it... my parents would fall for it...

Change your host file to read only then :)

also be sure to have up to date antivirus software.

Yes, I changed my host file to read only, and Spybot does something to it to prevent tampering. Nonetheless, can't worms/viruses still tamper with read only files? I'm not much of an expert on such things.
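
Added example, not part of the original thread: a Python audit of hosts-file contents for the redirect discussed above, since the read-only attribute can be cleared by any process with write access to the file. The watch list and the sample file are constructed for illustration; 203.0.113.7 is a documentation address.

```python
import ipaddress

# Hostnames worth watching; an assumption for this example, extend as needed.
WATCHED = ("ebay.com", "paypal.com", "google.com", "yahoo.com")

# Constructed sample hosts file, not taken from a real machine.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net
203.0.113.7     www.paypal.com paypal.com
203.0.113.7     signin.ebay.com   # trailing comment
127.0.0.1       www.yahoo.com
not-an-ip       www.google.com
"""

def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for each mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) >= 2:
            yield line_no, fields[0], [h.lower().rstrip(".") for h in fields[1:]]

def is_watched(host):
    """True for a watched domain or any subdomain of it (not look-alikes)."""
    return any(host == d or host.endswith("." + d) for d in WATCHED)

def audit_hosts(text):
    """Return (line_no, host, address, kind) for entries overriding a watched site."""
    findings = []
    for line_no, addr, hosts in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue  # malformed address: not a usable mapping
        for host in hosts:
            if not is_watched(host):
                continue
            # Loopback or 0.0.0.0 entries block a site; anything else redirects it.
            kind = "blocked" if ip.is_loopback or ip.is_unspecified else "redirected"
            findings.append((line_no, host, addr, kind))
    return findings

if __name__ == "__main__":
    for line_no, host, addr, kind in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} {kind} -> {addr}")
```

To audit a real machine, pass in the text of `/etc/hosts` or `%SystemRoot%\System32\drivers\etc\hosts` instead of the sample.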
 

jntdesign

altering host file would require a worm/trojan/virus
the plot also involves a website, most likely a domain and hosting

tack on the act of getting a user to enter information (fraud?)

it's a risky plot...instead of getting busted for passing along malicious software...ya get nailed with fraud right with it

definitely potential though, scary to think of all the people who would fall for it (hell..people fall for the paypal email scams even now)
 

Falloutboy

Originally posted by: jntdesign
altering host file would require a worm/trojan/virus
the plot also involves a website, most likely a domain and hosting

tack on the act of getting a user to enter information (fraud?)

it's a risky plot...instead of getting busted for passing along malicious software...ya get nailed with fraud right with it

definitely potential though, scary to think of all the people who would fall for it (hell..people fall for the paypal email scams even now)

No one domestically could pull this off, but what's stopping someone overseas in a country somewhat lax on this type of thing?