What is Phishing?Phishing is the act of gaining information such as passwords, credit card details, and other sensitive information by pretending to be a trustworthy company/business.
Commonly Phishers use email and sometimes instant messaging, whilst masquerading as, for example; Paypal, Ebay or a well known bank. A common trick is to apparently link to a legimate site, while actually re-directing you to an identical looking fake site, where you will be asked to give information such as your banking details/username/password etc.
Note, that by using Javascript for instance, the Phisher can even make it appear that you are on the real site by placing a false address in your address bar. More in-depth methods include cross-site scripting, where the Phisher makes use of holes in a legitimate website's scripts to gain information from you.
It can become very in-depth, (more than someone with my basic computing knowledge can explain.)
...
Rapidshare Phishing:On adult forums the main threat is from Phishers who want to get hold of the accounts of Rapidshare premium members. Non premium members are also a major target as the false Rapidshare website will contain a link for opening a premium account. Obviously entering your credit card/paypal details into this false website will lose you money.
...
Safeguards:Remember sites like Paypal will not send you emails asking for your details, neither will banks. Phishers use scare tactics such as messages saying "your account has been overdrawn" to reel you in.
Never click on links to sites like Paypal that are in an email. Always go to the site by typing the address into your browser, or clicking on the link in your "favourites" menu.
All members with existing Rapidshare accounts should log in directly from the Rapidshare homepage before they start their days downloading. Staying logged in 24/7 is also fine. That way if you're asked to enter your log-in details you will know that something is up.
The Rapidshare homepage is
http://www.rapidshare.com/ and the premium log-in page is
https://ssl.rapidshare.com/premiumzone.html - Note that the premium log-in starts with https:// ( a SSL or "Secure Socket Layer" page) and
not http:// Smarter Phishers will create fake SSL scripts, but it's worth remembering that the premium log-in homepage will be SSL secure, as many Phishers won't put in the extra work to make their fake login page appear SSL enabled.
In Opera when clicking on a link check that the address of the link on the page corresponds to the address in the bar at the bottom of the browser, look closely as phishing addresses will often looks like "
www.Rapisahr.e.com, or other similar names. Phishers will bypass this method by using a legitimate link protector site like lix. We do allow link-protectors here due to many posters wanting to keep their uploads safe from deletion, however we aim to check
all links by newer posters, and keep an eye on link-protect links in general (Big Brother Is Watching Over You
)
Browsers such as Firefox, Opera, and to some extent Internet Explorer all have anti-phishing software built-in, but of course you still need to be vigilant. Read the information on your browser's website to get an idea of how they deal with Phishing and other threats.
Firefox anti-phishing:
http://www.mozilla.com/en-US/firefox/phishing-protection/Firefox has an add-on called noscript which can help prevent some sneakier scripts from working on your machine, check reviews of it here:
https://addons.mozilla.org/en-US/firefox/reviews/display/722 10 anti phishing extensions for Firefox:
http://www.security-hacks.com/2007/05/31/10-anti-phishing-firefox-extensionsOpera's built in fraud-protection:
http://www.opera.com/docs/fraudprotection/...
General safety while browsing:Use a firewall at all times:
http://www.techsupportalert.com/best-free-firewall.htm - I use Comodo, and previously used Mcafee (I ditched it when it started constantly using 100% of my CPU) -
Use an anti-virus at all times:
http://www.techsupportalert.com/best-free-anti-virus-software.htm - I now use Avast, but AVG did me well for a few years.
Do regular (at least weekly, if not more) scans with 1 or 2 anti-spyware products:
http://www.techsupportalert.com/best-free-adware-spyware-scumware-remover.htm - I use AVG anti-spyware + Ad-Aware, it looks like there are some new contenders out now though.
Look into rootkit scanners (it seems alot of people don't know about these)
http://www.techsupportalert.com/best-free-rootkit-scanner-remover.htmDelete temporary internet files and cookies on a regular basis.
"Hardcore" web-surfers should consider paying out for a top of the range security suite like Kasperky's:
http://www.kaspersky.com/ or the "pro" versions of the freeware titles listed in the links above.
...
Have you just had your Rapidshare account Phished?If you can't log into your Rapidshare account, you can try emailing
support@rapidshare.com and asking them to send you a new password. Provide them with the following details:
Name: = name of the paypal account owner
E-Mail: = Email of your paypal account
Login-ID: = From your payment details on paypal account
Transaction-ID: = From your payment details on paypal account
Receipt-ID: =From your payment details on paypal account
Also, sometimes going to "forgot password" under the "Premium Zone" toolbar option on the Rapidshare homepage, and entering your email will work. This method depends on the phisher, and how fast you are though.
...
"I've found a Phishing post here at adultDelux.net, what do I do?"Click the "report to moderator" button on the bottom right of the post in question, and write "phishing" in the "enter comment" box. Then reply to the post with a message warning members that the post is a Phishing scam. The reply button is on the toolbar under the last post, or you can activate quick-reply in your account by following these instructions: click "profile" on the toolbar at the top of the forum, "look and layout preferences" and then "modify preferences" on the left of the page. Select "on, by default" beside the "Use quick reply on topic display:" option and finally click "change profile". Then you'll have no excuses for not replying to posts!!
Please feel free to add any anti-phishing information to this thread.Eck
