Phishing emails (not fishing), also known as hoax or fake emails, are generally associated with websites that use some form of online payment system. A classic target is banks: as many banks have the option to do online banking, phishing can be found occurring within that sector. Today, however, I received a very suspect email from eBay (well, claiming to be eBay). So you may be thinking, so what? Well, what makes this email so suspect already is the fact that I don't have an eBay account, or anything to do with eBay, associated with my email address!
So I already have a very suspect email in my inbox, but me being the curious type I decide to play along and click the link below to see what it leads to.
Caution: I'm doing this because I have taken precautions before going along with the whole idea of pretending to be fooled by a potential fake website and email. I am running several anti-phishing applications as well as anti-virus and firewall software. This information is solely to show others what phishing is and how to spot it.
[Image: the suspect email]
Like I said, because I don't have an eBay account, this is a very suspect email. Notice too that the email doesn't even have my email address in the To field.
Reasons why this email is a phishing/hoax/fake:
- Looking at the email as if I had an email account, notice how it says "eBay member" and not an actual ID.
- Look at the email address it's from: aw-confirm@ebay.com. The "aw" part of the address is suspect, as I can't link it to anything related to the department it's messaging from. Plus, you'd expect an address such as noreply@ebay.com, as most companies would be running automated mail systems.
- The email itself is very short and brief and doesn't give any details whatsoever about what to do other than click the link.
Where does the link go?
Because I was aware of the situation and was protected from anything happening, I decided to follow the email's instructions. The computer I'm working on is protected from anything concerning foul play or getting out of hand, so with the precautions taken I went ahead.
The link in the email brings me to what looks like the eBay website, and it asks me to log in. Of course, like I said, I don't have an account so I can't go any further (nor would you want to if you did), but I still decided to study the website and found some alarming reasons why it's a hoax.
[Image: the website content]
So this is the page that the link takes me to. Looks like eBay, right? Yes, but has anyone told you looks can be deceiving?
Here are some reasons why it's a fake:
- Immediately, the URL that you see in my browser is definitely alarming. Instead of eBay.com we see an IP address. I decided to check out the IP address and, not to my surprise, it displays a default screen set by the website's host. (Scroll down to see what returns when you go to the IP address.)
- Comparing the sign-in page to the real eBay website, I saw mismatches such as the layout positioning.
- In newer browsers, places like sign-in forms that require secure logins will have a green or red colour background on the URL bar. On the fake website this did not occur; however, looking at the real login form on the eBay site, my browser's URL bar lit up green.
Some detective work:
To help show you how to spot fake websites, I've gone ahead and added some images. Compare the fake website with the real website below. What do you think?
[Image: fake version]
[Image: real version]
Like I said before, the IP address that is in the fake website URL just returns some default page set by the website host when viewed in a browser. You will find this is a common occurrence with fake websites, hence why people tell you to look at the URL closely to make sure you are logging onto the actual website you think you're on.
[Image: the mysterious IP URL]
Phishing emails use a server IP following the http:// in the URL a lot, and this is an instant way of telling if the website is fake.
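The warning signs listed in this post can be checked mechanically. The following is an added example, not code from the post: it runs three of those checks (recipient missing from the To field, generic "eBay member" greeting, link host that is a raw IP address) over a constructed sample message. The names `review`, `host_is_ip` and `LinkCollector` are hypothetical, and 192.0.2.10 is a documentation-only address.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import getaddresses
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample, not the email from the post. 192.0.2.10 is a
# documentation-only address and the path is made up.
SAMPLE = """\
From: eBay <aw-confirm@ebay.com>
To: undisclosed-recipients:;
Subject: Account confirmation
Content-Type: text/html

<p>Dear eBay member,</p>
<p><a href="http://192.0.2.10/ws/signin.html">Sign in</a> to confirm.</p>
"""
GENERIC_GREETING = re.compile(r"dear\s+(?:ebay\s+)?(?:member|customer|user)\b", re.I)

class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def host_is_ip(url):
    """True when the URL's host is an IP literal rather than a domain name."""
    try:
        ipaddress.ip_address(urlsplit(url).hostname or "")
        return True
    except ValueError:
        return False

def review(raw, recipient):
    """Return the warning signs from the post that this message shows."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    findings = []
    to_addrs = {addr.lower() for _, addr in getaddresses(msg.get_all("To", []))}
    if recipient.lower() not in to_addrs:
        findings.append("recipient address missing from To field")
    if GENERIC_GREETING.search(body):
        findings.append("generic greeting instead of an account ID")
    links = LinkCollector()
    links.feed(body)
    findings += [f"link points at raw IP {urlsplit(h).hostname}"
                 for h in links.hrefs if host_is_ip(h)]
    return findings
```

Calling `review(SAMPLE, "me@example.org")` returns all three findings; a message addressed to the recipient, greeting them by ID and linking to a named host returns an empty list.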
What do these phishing attempts want off you?
It's a good question to ask, and the answer is simple, though it does vary depending on the instance. Using this eBay example, the phishing website and email are trying to get me to input my username and password into the sign-in form produced by the fake website. If I were to fall for the attempt, the details I inputted would not be sent to eBay's secure database, but recorded into a database set up by the phisher. With these details a phisher now has my eBay account and also has the password to access it, and could now obtain financial information (such as bank accounts) as well as my identity. The prospect of it all isn't nice, is it?
So to conclude, this is a classic example of phishing. I hope this gives you more of an insight into phishing and how to protect yourself against it. Don't be fooled, and stay safe when you're online! And yes, I have informed eBay of this, and 30 minutes after reporting it I got a message back saying it is indeed a fake. Stay safe online, people!










Oliver Newport
November 10th
Of course if you didn't use sucky browsers like Internet Explorer then you would find yourself being 'phished' per se. But use Firefox and it knows full stop if the website's a hoax by looking at the content and the IP and then asking if you would like to continue at your own risk.
James
November 10th
Most newer generation browsers include phishing filters or protection of some sort. IE may not be as good as other browsers at spotting phishing, but it works. Like I said, I did this only to show others about the whole phishing scene. I knew what I was doing, and neither my browser, computer nor any personal information was compromised.
FedEx
November 15th
Very many people still make very many pages like that to scam. They don't have any job and have very much free time to do that. It's a big waste of time and not a real job.
James
November 15th
FedEx, you are correct, there are still many phishing scam websites out there. However, in this generation, browsers and websites are using countermeasures against them, and protection over the years has been strengthened.
However, I still say be careful, stay alert and be safe when you're online.