HomeHome  Latest imagesLatest images  SearchSearch  RegisterRegister  Log in  

 

 Let's Go Phishing

Go down 
3 posters
AuthorMessage
_Howard
Admin
_Howard


Posts : 8734
Join date : 2013-01-16
Age : 79
Location : California

Let's Go Phishing Empty
PostSubject: Let's Go Phishing   Let's Go Phishing EmptyThu Sep 29, 2016 12:23 pm

God damned phishermen. Got a text message from one of them.

Quote :
<Bank name> Online - We have detected suspicious activity on your account. Please log in to restore access :
https:\\t.co\RsoN9YQ3MG
Note: I used the wrong slashes so that the text does not create a link.

The bank that was named is one in which I have parked some money.

I went to their website - on my computer - and everything was fine. They showed no alerts sent to me within the last month.

Naturally, I did not click on the link in the text message. The "t.co" is a Twitter link. I do not have a Twitter account.
The phone number from which the text was sent shows up as belonging to Delish Beauties in Saint Paul, Minnesota.

If they are going to phish, they need better bait.
Back to top Go down
_Howard
Admin
_Howard


Posts : 8734
Join date : 2013-01-16
Age : 79
Location : California

Let's Go Phishing Empty
PostSubject: Re: Let's Go Phishing   Let's Go Phishing EmptyThu Sep 29, 2016 5:17 pm

Just for grins, I fired up the old XP box and tried this url in the browser.
No such page reported by Twitter. So what the hell are they trying to do with giving me an invalid URL?
As the phishing was on an iPhone, I wonder if there's something in Safari that would respond in some way to the address. It did seem kind of odd that there were upper- and lower-case characters in the address; URLs are not case-sensitive.


Back to top Go down
richard09

richard09


Posts : 4227
Join date : 2013-01-16

Let's Go Phishing Empty
PostSubject: Re: Let's Go Phishing   Let's Go Phishing EmptyThu Sep 29, 2016 7:05 pm

I think I have mentioned that I'm a bridge player. The other day, I sent a link to another player:
https://chrisryall.net/bridge/1nt-complex.htm

He emailed me back to say that the link doesn't work. I said that was strange, because it worked fine for me. He said I've tried it in Chrome and Safari and on my phone, and I get an error message like

404 Not Found
The requested file /bridge/1nt-complex.htm does not exist on this server

but the URL in the address bar is
https://avlinux.treewind.co.uk/bridge/1nt-complex.htm

Something (maybe anti-virus?) is changing the URL and then saying its not found. But the page is there at the real URL, and isn't infected. To make it a little stranger, my buddy says he tried Googing "Chris Ryall bridge", and even trying to access it from the search results he still got the error. I won't see him until Tuesday, to see this behavior with my own eyes.

Have you seen behavior like this?
Back to top Go down
NoCoPilot

NoCoPilot


Posts : 20169
Join date : 2013-01-16
Age : 69
Location : Seattle

Let's Go Phishing Empty
PostSubject: Re: Let's Go Phishing   Let's Go Phishing EmptyThu Sep 29, 2016 7:47 pm

Firefox with NoScript returns an error that the website is set up incorrectly:
Quote :
Your connection is not secure

The owner of chrisryall.net has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
Back to top Go down
_Howard
Admin
_Howard


Posts : 8734
Join date : 2013-01-16
Age : 79
Location : California

Let's Go Phishing Empty
PostSubject: Re: Let's Go Phishing   Let's Go Phishing EmptyFri Sep 30, 2016 8:22 am

That's very strange, Richard.

avlinux is a distro of Debian Linux.

treewind.co.uk is listed as a web hosting site.

How the change got made is perplexing.
Back to top Go down
_Howard
Admin
_Howard


Posts : 8734
Join date : 2013-01-16
Age : 79
Location : California

Let's Go Phishing Empty
PostSubject: Re: Let's Go Phishing   Let's Go Phishing EmptyFri Sep 30, 2016 10:00 am

I did a trace route on https://chrisryall.net. The trace terminated at treewind.co.uk. So it appears that chrisryall.net is hosted by treewind.

If there was a problem with chrisryall.net at the time your friend tried to access it, then the error message was generated by treewind. So the URL of the error message makes sense. As to why your friend could not connect at the time is one of the mysteries of the internet.
Back to top Go down
Sponsored content





Let's Go Phishing Empty
PostSubject: Re: Let's Go Phishing   Let's Go Phishing Empty

Back to top Go down
 
Let's Go Phishing
Back to top 
Page 1 of 1
 Similar topics
-
» Lets Get Meta
» Chinese Zoo Locks Visitors in Cages, Lets Animals Roam Free

Permissions in this forum:You cannot reply to topics in this forum
 :: Topics :: Science & Tech-
Jump to: