• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Just thought of a way to scam... security threat...

DrPizza

DrPizza

Administrator Elite Member Goat Whisperer
Remember the worms/viruses that changed the hosts file so that when you typed in www.google.com or yahoo or several other common sites, it caused it to redirect to a different page other than the page you were seeking?

Uhhh, what if someone did that, but instead of redirecting google or yahoo to a porn site, the hosts file directed ebay, paypal, or any number of bank pages to fake sites set up to mimic the real sites.

Thus, rather than getting an email (which most of us recognize immediately as a scam) that wants us to click some link and put in all our credit card information, the scam would rely instead on someone sincerely thinking they were going to www.ebay.com or paypal, or wherever. Then, I doubt most people would become suspicious if they were asked to re-enter their credit card information.

I hope someone here knows of a way to prevent this from happening.

(crossposted to Software... didn't know where else to post security issues)
 
This won't work if the site is secure. Always check for yellow lock icon prior to entering your password.
 
I'm not exactly sure what you mean... couldn't the scumbags who pull off these scams set up a secure site that mimics ebays real site? Heck, they could even serve as a proxy server of sorts... allowing a person to view the real ebay pages through their site. Then when someone bid on an item, while they thought ebay was receiving their CC info, they could be handing it over to the scammers.

(granted this is a much more sophisticated level of scamming, especially if all the words are spelled correctly 😀, than a simple grammatically incorrect and poorly spelled email that asks the user to click on a link that seems to go to a fake site. They have been getting the fake sites to look pretty convincing though. )
 
That's a good point. But, if they didn't do it as a secure site, I'm thinking they'd still be able to fool the average computer user.
 
Wow, not many replies in this thread... I'll bet you're all out there frantically coding away, trying to release the first virus that redirects ebay attempts to your own scam pages 😛
I'm not worried about myself... but I bet my wife would fall for it... my parents would fall for it...
 
Originally posted by: Argo
Certificate name has to match the server name. Otherwise you'll get a warning.
Click to expand...

An alternate domain could get a valid certificate for their domain, then no warning would appear.

DrPizza, you are absolutely right - I haven't seen this happen yet, but I'm really surprised it hasn't.
 
lol... Or you could do one of those image scams.. That makes it appear that you are at paypal with a secure connection.
 
Originally posted by: SagaLore
Originally posted by: Argo
Certificate name has to match the server name. Otherwise you'll get a warning.
Click to expand...

An alternate domain could get a valid certificate for their domain, then no warning would appear.

DrPizza, you are absolutely right - I haven't seen this happen yet, but I'm really surprised it hasn't.
Click to expand...

Since they're changing the hosts file the url would still read: www.paypal.com. The certificate would be for some other site, for example www.iamadirtyscammer.com. IE would detect that and warn the user. Also the problem with getting a certificate is that you have to provide enough documents to make it easy to track you.
 
But, if they use the image scans, that include the URL, the unsuspecting user will *see* https:\\ at the top of the page. Thus, there would be no need for certificates.
 
Originally posted by: DrPizza
Wow, not many replies in this thread... I'll bet you're all out there frantically coding away, trying to release the first virus that redirects ebay attempts to your own scam pages 😛
I'm not worried about myself... but I bet my wife would fall for it... my parents would fall for it...
Click to expand...

Change your host file to read only then 🙂

also be sure to have up to date antivirus software.
 
Originally posted by: Adul
Originally posted by: DrPizza
Wow, not many replies in this thread... I'll bet you're all out there frantically coding away, trying to release the first virus that redirects ebay attempts to your own scam pages 😛
I'm not worried about myself... but I bet my wife would fall for it... my parents would fall for it...
Click to expand...

Change your host file to read only then 🙂

also be sure to have up to date antivirus software.
Click to expand...

Yes, I changed my host file to read only, and Spybot does something to it to prevent tampering. Nonetheless, can't worms/viruses still tamper with read only files? I'm not much of an expert on such things.
 
altering host file would require a worm/trojan/virus
the plot also involves a website, most likely a domain and hosting

tack on the act of getting a user to enter information (fraud?)

it's a risky plot...instead of getting busted for passing along malicous software...ya get nailed with fraud right with it

definately potential though, scary to think of all the people who would fall for it (hell..people fall for the paypal emails scams even now)
 
Originally posted by: jntdesign
altering host file would require a worm/trojan/virus
the plot also involves a website, most likely a domain and hosting

tack on the act of getting a user to enter information (fraud?)

it's a risky plot...instead of getting busted for passing along malicous software...ya get nailed with fraud right with it

definately potential though, scary to think of all the people who would fall for it (hell..people fall for the paypal emails scams even now)
Click to expand...

no one domestically could pull this off but whats stoping someone overseas in a country somewhat lax on this type of thing.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top