I hear this alot on the web and even in security forums. What is it and what can i do to fix it?

http://en.wikipedia.org/wiki/Phishing

Took me less then 10 seconds to google it...

Hey Big what's your Social Security number? I need it for research...

hook, line and sinker..... you took the bait and now your caught. No need for google on that one.

Took me less then 10 seconds to google it...

Since he is "SOOO BIG and strong" his brain mass has lowered itself down to counterbalance all the "mass" in his arms and chest. It supplies us with the answers to everything we need to know about him.

;)

I hear this alot on the web and even in security forums. What is it and what can i do to fix it?

Your PayPal account may have been compromised. Please confirm your identity by providing us your username and password at PAYPAL.paypall.cn so that we can continue to provide you with our best services (and wipe your account).

Thank you, your PayPal team

Thats phishing. People who have nothing better to do all day but sit and snoop packets for identity info?

Thats phishing. People who have nothing better to do all day but sit and snoop packets for identity info?

No, you totally missed the point of phishing - which is tricking the person of target(the mark), to willingly give away information directly to the scammer.

Example, the IM and email requests to trick people to give out their Steam passwords.

Another example, an email from supposidly PayPal, telling you that your account has been comprimised and to click the following link to reset it. This link at first glance appears to be correct, and even loads up a page that looks real. You type in your account info and password, and hit submit into this pretender site, and bam they have your info now.

Final example, you're at your IT job, and someone calls over the telephone, and says, "hey, I'm so-and-so over in the computer lab administering such and such boxes... whats the Admin password again?"

And the other examples up above are good ones too.

In other words, they aren't "eavesdropping" on a conversation to get your password and info. They are literally asking you directly, pretending to be someone else. You fall for their impresonation and willingly give out your info.

Final example, you're at your IT job, and someone calls over the telephone, and says, "hey, I'm so-and-so over in the computer lab administering such and such boxes... whats the Admin password again?"

That's social engineering.

Phishing is the harvesting of user data (online banking, EBay, PayPal) while purporting to be the service provider. Phishing is especially bad in the online form because spammers and bot-herders send out mass emails asking you to "update your billing information" etc, setup a rogue domain with a mirror of the authentication system/login page of the domain, store your credentials (which are later used for nefarious use), and then redirect you to the target page.

Yeah, I've had a few of those lately...I get one about once a month from "Bank of America"...I read the first one and it said unless I supplied the information my account would be put on hold...It was deleted and marked as spam immediately. I have had that same one quite a few times...I can see though how the novice/naive computer user who just checks email and browses the web with thier PC might get caught with something like that...

Use Firefox and OpenDNS and you won't have to worry about it! :D

Use Firefox and OpenDNS and you won't have to worry about it! :D

OpenDNS has very little to do with the mitigation of phishing, Firefox does, but I could show you pages that could own you...

The cure-all is end-user education. Call your bank, using the number on the back of your card, before you trust an 'update your billing information' email. Rock Phish is the worst, especially with their targeted emails.

Now THIS is fishing
:D
http://img.photobucket.com/albums/v251/joserouse/Wahines/4thFishing.jpg

Now THIS is fishing
:D
http://img.photobucket.com/albums/v251/joserouse/Wahines/4thFishing.jpg

You can say that again. :captnkill:

Yep..dat some serious Fishin goin on.

if you dont want to be a victim of phishing, check the URL's on all your transactions and personal info. if the URL isnt based on the EXACT name of the site you think youre in, gtfo.

ie, paypal should be xxx.paypal.com/xxx/xxx/xx


thats the biggest sign that someone is trying to steal your info.

OpenDNS has very little to do with the mitigation of phishing, Firefox does, but I could show you pages that could own you...

The cure-all is end-user education. Call your bank, using the number on the back of your card, before you trust an 'update your billing information' email. Rock Phish is the worst, especially with their targeted emails.
Oh, I know, I was just making a fun statement. I get the eBay and Paypal emails about "update your account now...blah, blah, blah crap" all the time and immediately report them. End-user education is the best defense, I agree. :D

Oh, I know, I was just making a fun statement. I get the eBay and Paypal emails about "update your account now...blah, blah, blah crap" all the time and immediately report them. End-user education is the best defense, I agree. :D
yea i report those emails too. i feel bad for the suckers that they catch with that stuff :(

i also like going to those websites and entering a lot of false information :D

username: johnnytool
password: f*ckoff

lol

yea i report those emails too. i feel bad for the suckers that they catch with that stuff :(

i also like going to those websites and entering a lot of false information :D

username: johnnytool
password: f*ckoff

lol
:rofl

I do the same thing with like Realplayer and the like;
Email Address: upyours@hotmail.com

:thumbsup:

That's social engineering.

Phishing is the harvesting of user data (online banking, EBay, PayPal) while purporting to be the service provider. Phishing is especially bad in the online form because spammers and bot-herders send out mass emails asking you to "update your billing information" etc, setup a rogue domain with a mirror of the authentication system/login page of the domain, store your credentials (which are later used for nefarious use), and then redirect you to the target page.

Its all forms of "social engineering".

This is fishing done properly. Notice the beer. Also notice how her blond hair is covering her redneck.

http://www.fishingwithcliff.com/Babes/BabeImages/Pic001.gif

http://www.mdranglers.com/Pictures/2bass.jpg

Notice her left breast is larger than the other. ^^

Notice her left breast is larger than the other. ^^
It's functioning as a counter-weight because the fish in her right hand is bigger.

It's functioning as a counter-weight because the fish in her right hand is bigger.


haha!!

automatic self adjustable boobs?