Upvote Upvoted 18 Downvote Downvoted
interesting phishing site
1
#1
0 Frags +

so today i came across yet another scammer. instead of trying to steal my items this guy linked me to a phishing site. i found this one to be especially interesting:

https://i.imgur.com/dH3tWSK.jpg

as you can see, this site prompts you for a login, opening what appears to be a legit steam login window (the "address" is right). however, the popup it has opened is actually a non-address bar popup, and the apparent address bar and SSL certificate icon are actually images (they animate when clicked on or hovered over, making this even more difficult to determine for some people)

i haven't seen anything like this for tf2/cs before so thought i'd post it. interesting stuff.

so today i came across yet another scammer. instead of trying to steal my items this guy linked me to a phishing site. i found this one to be especially interesting:
[img]https://i.imgur.com/dH3tWSK.jpg[/img]

as you can see, this site prompts you for a login, opening what appears to be a legit steam login window (the "address" is right). however, the popup it has opened is actually a non-address bar popup, and the apparent address bar and SSL certificate icon are actually images (they animate when clicked on or hovered over, making this even more difficult to determine for some people)

i haven't seen anything like this for tf2/cs before so thought i'd post it. interesting stuff.
2
#2
45 Frags +

Clever. Anyone who clicks on skin related links might as well be put in a zoo anyway, but thanks for the heads up.

Clever. Anyone who clicks on skin related links might as well be put in a zoo anyway, but thanks for the heads up.
3
#3
24 Frags +

link is probably an IP grabber aswell might not wanna click links like those even out of curiosity

link is probably an IP grabber aswell might not wanna click links like those even out of curiosity
4
#4
-5 Frags +

I had a nightmare last night all my accounts were hacked. Spooky.

I had a nightmare last night all my accounts were hacked. Spooky.
5
#5
11 Frags +
Spritelink is probably an IP grabber aswell might not wanna click links like those even out of curiosity

is there much that can be done to someone if they have their IP tho?

[quote=Sprite]link is probably an IP grabber aswell might not wanna click links like those even out of curiosity[/quote]
is there much that can be done to someone if they have their IP tho?
6
#6
0 Frags +

sounds pretty much exactly the same as what i experienced a while ago. in my steam and web browsers my outgoing trade offers would be redirected automatically to fake/impersonation accounts. lost an unu trying to deposit it to marketplace.tf.
see http://www.teamfortress.tv/50452/scam-warning

sounds pretty much exactly the same as what i experienced a while ago. in my steam and web browsers my outgoing trade offers would be redirected automatically to fake/impersonation accounts. lost an unu trying to deposit it to marketplace.tf.
see http://www.teamfortress.tv/50452/scam-warning
7
#7
1 Frags +

why did they blur out the boobies in the background?

why did they blur out the boobies in the background?
8
#8
3 Frags +
FuxxClever. Anyone who clicks on skin related links might as well be put in a zoo anyway, but thanks for the heads up.

indeed. i always try to (safely) test all these scam links as i study security and find them interesting. entering your details in this site seems to result in it just telling you the details are incorrect which is disappointingly non-creative :(

[quote=Fuxx]Clever. Anyone who clicks on skin related links might as well be put in a zoo anyway, but thanks for the heads up.[/quote]

indeed. i always try to (safely) test all these scam links as i study security and find them interesting. entering your details in this site seems to result in it just telling you the details are incorrect which is disappointingly non-creative :(
9
#9
-3 Frags +
EncreSpritelink is probably an IP grabber aswell might not wanna click links like those even out of curiosityis there much that can be done to someone if they have their IP tho?

well if they have your account details or even just your e-mail they can get access to a shitload of other things related to you from your personal information, and if certain sites only let 1 person be logged into the account at one time they can hold you offline by ddosing your IP and then hack into your shit and you can't do shit about it unless you have a dynamic IP

[quote=Encre][quote=Sprite]link is probably an IP grabber aswell might not wanna click links like those even out of curiosity[/quote]
is there much that can be done to someone if they have their IP tho?[/quote]

well if they have your account details or even just your e-mail they can get access to a shitload of other things related to you from your personal information, and if certain sites only let 1 person be logged into the account at one time they can hold you offline by ddosing your IP and then hack into your shit and you can't do shit about it unless you have a dynamic IP
10
#10
7 Frags +
Spritewell if they have your account details or even just your e-mail they can get access to a shitload of other things related to you from your personal information, and if certain sites only let 1 person be logged into the account at one time they can hold you offline by ddosing your IP and then hack into your shit and you can't do shit about it unless you have a dynamic IP

this is somewhat misinformed. IPs are not exactly private information lol

[quote=Sprite]
well if they have your account details or even just your e-mail they can get access to a shitload of other things related to you from your personal information, and if certain sites only let 1 person be logged into the account at one time they can hold you offline by ddosing your IP and then hack into your shit and you can't do shit about it unless you have a dynamic IP[/quote]

this is somewhat misinformed. IPs are not exactly private information lol
11
#11
-3 Frags +
CyanicSpritewell if they have your account details or even just your e-mail they can get access to a shitload of other things related to you from your personal information, and if certain sites only let 1 person be logged into the account at one time they can hold you offline by ddosing your IP and then hack into your shit and you can't do shit about it unless you have a dynamic IP
this is somewhat misinformed. IPs are not exactly private information lol

your email address can lead to getting alot of personal info

[quote=Cyanic][quote=Sprite]
well if they have your account details or even just your e-mail they can get access to a shitload of other things related to you from your personal information, and if certain sites only let 1 person be logged into the account at one time they can hold you offline by ddosing your IP and then hack into your shit and you can't do shit about it unless you have a dynamic IP[/quote]

this is somewhat misinformed. IPs are not exactly private information lol[/quote]

your email address can lead to getting alot of personal info
12
#12
0 Frags +

If you don't already: use 2FA for everything you don't want hacked.

If you don't already: use 2FA for everything you don't want hacked.
Please sign in through STEAM to post a comment.