Comments on: Phishing attacks http://expertdabbler.com/2008/09/18/phishing-attacks/ Rombo nallavan Tue, 22 May 2012 19:43:19 +0000 http://wordpress.org/?v=2.2.1 By: prabukarthik http://expertdabbler.com/2008/09/18/phishing-attacks/#comment-52389 prabukarthik Sat, 20 Sep 2008 16:15:34 +0000 http://expertdabbler.com/2008/09/18/phishing-attacks/#comment-52389 Swami Sending mails to thousand IDs, and getting at least 10 ppl to enter their credentials will be worth the effort for those who indulge in this :) Swami

Sending mails to thousand IDs, and getting at least 10 ppl to enter their credentials will be worth the effort for those who indulge in this :)

]]> By: prabukarthik http://expertdabbler.com/2008/09/18/phishing-attacks/#comment-52388 prabukarthik Sat, 20 Sep 2008 16:14:00 +0000 http://expertdabbler.com/2008/09/18/phishing-attacks/#comment-52388 Nirenjan I guess a good percentage of people who use net in India are not tech savvy, and that number is only going to increase in the days to come with more broadband penetration etc. I guess such issues will get all the more common place. I myself do not know all the stuff that you've tried and commented. Thanks for this :0 Nirenjan

I guess a good percentage of people who use net in India are not tech savvy, and that number is only going to increase in the days to come with more broadband penetration etc. I guess such issues will get all the more common place.

I myself do not know all the stuff that you’ve tried and commented. Thanks for this :0

]]> By: Swaminathan Moorthy http://expertdabbler.com/2008/09/18/phishing-attacks/#comment-52251 Swaminathan Moorthy Fri, 19 Sep 2008 09:01:08 +0000 http://expertdabbler.com/2008/09/18/phishing-attacks/#comment-52251 Even I got this mail. But the fact is that I do not have an AXIS Bank Account :) Even I got this mail. But the fact is that I do not have an AXIS Bank Account :)

]]> By: Nirenjan http://expertdabbler.com/2008/09/18/phishing-attacks/#comment-52241 Nirenjan Fri, 19 Sep 2008 04:34:46 +0000 http://expertdabbler.com/2008/09/18/phishing-attacks/#comment-52241 I thought Firefox might report it as an attack site, but apparently, no such luck. It probably hasn't made it to the blacklists. I went into the site and gave a random fake ID and password, with it telling me "We have detected a problem with your account" and proceeding to ask me for my ATM/Debit card, transaction password and e-mail. As you said, the site looks almost exactly like the original. Also, the URL is also accessed using plain HTTP, not the secured HTTPS. So I think that should also be a point for people to check. I thought Firefox might report it as an attack site, but apparently, no such luck. It probably hasn’t made it to the blacklists.

I went into the site and gave a random fake ID and password, with it telling me “We have detected a problem with your account” and proceeding to ask me for my ATM/Debit card, transaction password and e-mail.

As you said, the site looks almost exactly like the original. Also, the URL is also accessed using plain HTTP, not the secured HTTPS. So I think that should also be a point for people to check.

]]>