KyleC
Nikon Guy
Premium
join:2001-12-13
Dallas, TX
|  Nice!
thats comforting. still both tricks sould be easy to expose. use your head people!
[text was edited by author 2003-10-29 10:55:39] |
|
justin
Australian
join:1999-05-28
Brooklyn, NY
Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech
| I don't think they are so easy to expose anymore.
At first the URLs were stupid
then they started looking good
now they actually START with the victim companies web server
how soon before someone figures out how to re-write the location bar in the browser to hide where you really are?
For sure these scams fool MORE people now than ever before, due to these "technical advances", even though the average level of suspicion has rised dramatically among everyone.
When YOU visit a secure site, do you actually check the certificate details and validity? for instance?
Only 1% of users, those who continue to read about all of the tricks, are really up with this stuff. Average users are not. At this rate I'd honestly think of advising non-computer friends to not use email AT ALL, for ANYTHING, ever AGAIN. And I'd advise legit companies to not use email for anything except no-action-required notifications. Just don't get an email address unless you want to make spam tools and scam tricks and security updates a personal hobby. Honestly it is getting that bad. |
|
joebear29
join:2003-07-20
Alabaster, AL
| said by justin  :
Only 1% of users, those who continue to read about all of the tricks, are really up with this stuff. Average users are not. At this rate I'd honestly think of advising non-computer friends to not use email AT ALL, for ANYTHING, ever AGAIN. And I'd advise legit companies to not use email for anything except no-action-required notifications. Just don't get an email address unless you want to make spam tools and scam tricks and security updates a personal hobby. Honestly it is getting that bad.
I don't think you need to go that far. E-mail address's are useful for many things, from newsletters to a notice your credit card payment is due.
What I would recommend is never pay or give any information through a link you followed in an e-mail, no matter how legitimate. Until now, I've been getting an e-mail from Discover every month, and I'll click the link and pay my bill. Now, what I'll do is still get the e-mail, but open a new browser and go to www.discovercard.com myself before I enter confidential information and pay the bill.
But there is no need to delete all your e-mail addresses. |
|
justin
Australian
join:1999-05-28
Brooklyn, NY
Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech
| yes for you and me and many others here (after all, if we can navigate to the new topic screen, we're pretty sophisticated users).
But as I read a NY times article the other day on "how spammers get hold of your email address" it occurs to me that millions of net users still happily use those sweepstakes type sites (good grief) not realizing they will end up getting diet pill offers for ever. These people are the majority of net users, and with so much identity now being online as well as off, and so much so loosely protected by both consumer and companies, the rewards for sophisticated con-men are insanely high. |
|
trisomy
Premium
join:2002-05-23
Houston, TX
 ·Comcast
| reply to joebear29
' http ://211.47.191.125:199/%63%67%69/%69%6E%64%65%78%2E%68%74%6D '
Just received this. Thought it would be of interest given the discussion. For those of you who are causally surfing do not enter your information !
(purposely broke the link - what is the point? -- mod)
[text was edited by moderator] |
|
belawrence
It's All About The Games
join:2000-08-06
Santee, CA
 ·Sprint Mobile Broa..
·Cox HSI
| "superstition is the way" - Stevie Wonder
And a little common sense. Like a couple of emails I've gotten as of late telling me that I've won some prize, only to find out that I must pay for shipping. When they ask for payment for said shipping, they ask for either your credit card/debit card number and require you to give them your PIN and 3 digit security code or your checking account information and routing info. Anyone asking for this amount of info is obviously a scammer of some sort.
--
"where are we going, and why are we in this handbasket?" |
|
Transmaster
Don't Blame Me I Voted For Bill and Opus
join:2001-06-20
Cheyenne, WY
 ·Qwest.net
| Jee-wiz
every time I open up one of My e-mail accounts I have the feeling I am stepping into a mine field. pulsating penis pills, blaster breast bolus, grow hair everywhere, In debt
click here and repent, humongous hooted Helen, Nigerian trunks of cash, Fran of the farm. It's just like a jungle.
Or some third world country where the most common English
sentence is "clean virgin 20 bucks".
--
I love Irish Terriers, Low Brass, and the electric blue glow of an 866 mercury vapor rectifier tube at night. |
|
KyleC
Nikon Guy
Premium
join:2001-12-13
Dallas, TX
·AT&T Southwest
| reply to justin
Re: Nice!
said by justin :
I don't think they are so easy to expose anymore.
yeah i guess for the average user. i don't trust anything that comes in email anymore at first sight. |
|
Transmaster
Don't Blame Me I Voted For Bill and Opus
join:2001-06-20
Cheyenne, WY
·Qwest.net
| reply to justin
I consider Juno 1.49 as one of the best pure e-mail clients
of all time. if you still have a dialup modem go below to
download it, any modem from 14.4 on up will work just fine.
»www.oldversion.com/program.php?n=juno
--
I love Irish Terriers, Low Brass, and the electric blue glow of an 866 mercury vapor rectifier tube at night. |
|
averagedude
join:2002-01-30
Mesa, AZ | reply to Transmaster
Re: Jee-wiz
I can't even have the kids in the room anymore when I open the e-mail. Holy enlarged organ Batman! |
|
TwoCpus4me
join:2003-10-16
| The insurance companies are coming soon...
It won't be long until you will be required to pass a secure system investigation if you do business on the web or companies won't insure you.
Too many companies hack together systems and pop them on the web with foolishly little security and no clue about the ramifications of what happens to people when their critical data gets stolen or leaked out. When was the last time you heard someone ask on the eve of an IPO offering if the systems were secure?
Its serious business and companies need to start spending probably at least 30 to 50% of their IT budget on security instead of the usual 5% of which we read about daily. The old days of private network security are gone. One person with the wrong access can take a whole company down. |
|
sadowski
I Am My Own Doppelganger
Premium,MVM
join:2000-04-14
Buffalo, NY
clubs:
| reply to justin
Re: Nice!
said by justin :
Only 1% of users, those who continue to read about all of the tricks, are really up with this stuff. Average users are not. At this rate I'd honestly think of advising non-computer friends to not use email AT ALL, for ANYTHING, ever AGAIN. And I'd advise legit companies to not use email for anything except no-action-required notifications. Just don't get an email address unless you want to make spam tools and scam tricks and security updates a personal hobby. Honestly it is getting that bad.
I think that's a bit of an exaggeration, more than a bit. I just tell everyone to PHONE the company (from a number printed on a paper bill or invoice) if they get any requests for password, credit card numbers or any other personal information. Most people will listen and take that kind of advice as long as you don't play the sky is falling game. Just let people know honestly that there are concerns and threats and they will most likely pay attention.
--
In this world of sin and sorrow, there is always something to be thankful for; as for me, I rejoice that I am not a Republican. -- H.L. Mencken
Liberals feel unworthy of their possessions. Conservatives feel theydeserve everything they've stole |
|
vfpguy
Alias Dotnetguy
join:2001-07-21
Wayne, NJ
| reply to justin
said by justin :
At this rate I'd honestly think of advising non-computer friends to not use email AT ALL, for ANYTHING, ever AGAIN. And I'd advise legit companies to not use email for anything except no-action-required notifications. Just don't get an email address unless you want to make spam tools and scam tricks and security updates a personal hobby. Honestly it is getting that bad.
So what's the alternative for non-computer literate people to communicate with each other over the Internet and for businesses to communicate with each other and their customers? E-Mail with a web-site address to click? No, can't use that one. Instant Messaging? No, if IM clients like Trillian have reversed engineered the IM protocols then how long until someone figures out how to spam IM? Change e-mail clients to only accept digitally signed mail? Not as long as certificates are relatively expensive and complicated (for the average user) to set up.
Much as I hate to admit it (donning flameproof suit) MS's Trustworthy Computing is sounding better and better (assuming they can pull if off with their "usual high quality"  )
--
"...a great, serene and peaceful future can slip from us quite as irrevocably by neglect, division and inaction, as by spectacular disaster." -- H. Truman, 6/21/56 |
|
techie
Premium
join:2003-06-18
Canada
clubs:
·Cogeco Cable
·Rogers Hi-Speed
| People are so stupid
This is somewhat related, my stupid friend got the e-mail saying to delete that one Windows Java file because it was a virus, and he actually did it! So now people just believe any e-mail they recieve?
--
R.I.P VindictiV
[text was edited by moderator] |
|
RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11
·AT&T Midwest
| reply to justin
Re: Nice!
That was an interesting exercise unravelling this last night. There were enough clues that a regular Earthlink customer should have at least raised an eyebrow over the email (which is what happened and led to the investigation in the Earthlink forum), but you just know that the bulk of the online population these days--especially the ones AOL and Earthlink are targeting--would mindlessly click along until they maybe got queasy about giving out ATM PINs. This is what was on that page: »Verify a Website |
|
The Folsom
Kindly Shut Your Noise Hole.
Premium
join:2003-01-31
Yucaipa, CA
 ·Verizon FIOS
| Used To Be
That E-mail was a time saver; you could send an E-mail to someone and get something done faster. Now we have to spend more time on E-mail scrutinizing and analyzing just to get the same amount of work done. Not only have scammers and spammers succeeded in stealing our money, but they have succeeded in stealing our time.
Bastards.
--
The early bird gets the worm, but the second mouse gets the cheese. »www.prepaidlegal.com/info/kfolsom |
|
The Folsom
Kindly Shut Your Noise Hole.
Premium
join:2003-01-31
Yucaipa, CA
·Verizon FIOS
| reply to belawrence
Re: "superstition is the way" - Stevie Wonder
I won't make that kind of payment on the internet. If it is a delivery, I will pay only COD; if they don't wanna go that way, then they are scammers and their motherboard should meltdown.
--
The early bird gets the worm, but the second mouse gets the cheese. »www.prepaidlegal.com/info/kfolsom |
|
nil
Java Geek
join:2000-11-27
Host:
Webmasters and Dev..
Forum Feature Requ..
| reply to The Folsom
Re: Used To Be
It looks like human nature is to take a good thing and use it to take advantage of others.. sad, isn't it?
It's interesting that probably most of the people behind these schemes are nice and normal people to everyone around them.. but with the anonymity of the Internet a whole different facet of their personalities is revealed.
--
Life is too short to be boring |
|
The Folsom
Kindly Shut Your Noise Hole.
Premium
join:2003-01-31
Yucaipa, CA
·Verizon FIOS
| I think greed has a lot to do with the success of some of these scams presently circulating; get an E-mail from some guy in Nigeria, with a boat-load of cash but no way to access it. You have a chance to get something for nothing.
You can go the easy way and fall for it, or expend some mental energy and actually think about it for a second. Riffle through the mental Rolodex to when dad said, "Son, nothing in life is free."
It's tempting to fall for this kind of stuff. Greed wins out over clear thinking.
Not in my case. If the E-mail makes it through my filters, I think about it for half a second then trash the E-mail.
--
The early bird gets the worm, but the second mouse gets the cheese. »www.prepaidlegal.com/info/kfolsom
[text was edited by author 2003-10-29 12:39:13] |
|
Jason Levine
Premium
join:2001-07-13
USA
| reply to justin
Re: Nice!
said by justin :
how soon before someone figures out how to re-write the location bar in the browser to hide where you really are?
They already do this sometimes. A URL can contain a username and password in the form:
http: //username:password@www.somesite.com/
Now, make the username a site's URL and the password a long string to push the real site's URL off screen and you have a URL that will look like it's on Paypal/Ebay/whatever when it's really on some offshore account designed to harvest information from the people who fall for the scam.
For example, this URL might look like it's going to DSLReports.com, but it's really going to Google:
http://www.dslreports.com:dlsgjnsdlvnjsldvnlsdnvlsdvnlsdjkvnlsvnlsdkvnskldvnlsdkvnlsdjkvndjlvn@ww w.google.com/
(Of course, a scammer won't direct you to such a benign site.)
--
-Jason Levine
http://www.jasons-toolbox.com/
http://www.PCQandA.com/
http://www.urateit.com/ |
|
