Phishers rely on the naivety of people to fall for their fake Paypal, eBay and banking websites. We can make the phisher's life miserable by submitting 100's or 1000's of realistic looking, but fake, entries. To make it easier I've automated the process. You can fight back right now by entering the actual destination URL from the phishing email. Then watch as realistic looking, fake, entries are automatically and continuously submitted to the phisher’s website. The criminal won't be able to distinguish between the ”Fake" entries and entries from real people who fall for the scam.
The Phisher's process
Phishers are criminals so their goal is to steal your personal information and then your money. Phishing really has two levels. The first level is the Phisher himself, who's goal is to aquire personal data. He then sells the data to a "Casher" who is setup to use the data for identity theft, printing credit cards or just stealing your money.
The Phishers first step is to setup a fake website that looks like the real website, Paypal® is very common. Then they send out millions of emails with subjects like "Account Suspended" or "Activate Your PayPal Account!". The emails can look very official, see samples below . The emails will contain a link that looks real, saying something like "Click here to Update your account". The link does not go to Paypal, rather it goes to a fake site. Often the URLs are IP address like "http://123.45.67.8/PaypalVerify" or some look more realistic like "http://www.paypal-account-verify.net". The sites look like the Paypal login page. Unwary victims will enter their login and password, click submit, and unknowingly wave goodbye to any money they have in the account. The Phisher or "Casher" could even use the "Add Funds" functions in paypal to draw money out of your credit cards and/or checking account. The fake site may reply with “Login failed please retry” or they will have a sub-page asking for "verification" information like your credit card number, password and pin. This information can then be sold to the "Casher". Losses can extend well beyond the funds in your Paypal account.
Best advice is to always type the url into the browser yourself, never rely on the link in an email.
*******************************************
Here was a fake Ebay notice email -
there is a clickable link in the email. It is the auction number and it takes you to a fake sign in page.
the auction number clickable link redirects you to:
forget the headers. all you have to do is open the email - in Outlook you right click and view source. I don't know how you do it if you have AOL etc.
then you see what it says. this one looked like this:
<HTML><HEAD>
<META content="MSHTML 6.00.2900.2180" name=GENERATOR></HEAD>
<BODY bgColor=#ffffff>
<TABLE cellSpacing=0 cellPadding=0 width=600 border=0>
<TBODY>
<TR>
<TD vAlign=top width=600>
<P><FONT size=2><FONT face=Verdana><FONT size=1><FONT color=#666666><B>eBay sent this message to ([email protected]).<BR></B>Your registered email address is included to show this message originated from eBay.</FONT></FONT>
<HR color=#d2d3d2 noShade>
posted on April 24, 2006 08:26:13 PM new
I was tempted just once to go fill in a lot of bogus information but thought better of it. I did turn in one to the webmaster or what ever they are called at a hosting site. It too was taken down and I also got an appology kinda like the one here. I just don't have the tiem these phishers do in foiling their attempts. I do forward all phishing emails I get to PP or Ebay.
Lately I have been getting a lot of the same scams from someone trying to represent banks. Same applies to those never click a link in their emails.
**************
Some minds are like concrete,
thoroughly mixed up and permanently set.
posted on April 25, 2006 05:51:46 AM new
nobody went and looked at the phishfighting.com website???? did you not read what they do????
"How many phishing emails did you receive today?: I receive 5-10 emails a day that are supposedly from real companies like Paypal® asking me to click their link and enter my login, password or other private information. These are fake sites created by criminals. I'm tired of the emails and offended by the fact that they are trying to steal from me. So I've decided to strike back and YOU CAN TOO.
Just enter the Phishing emails REAL url above and watch as realistic looking, fake, entries are continously sent to the Phishers fake site. The criminal will receive hundreds or thousands of fake entries and he won't be able to tell which are fake and which are real."
"How PhishFighting works
Q: Is sending false data to Phishers considered a DOS attack?
A: According to wikipedia: "A denial-of-service attack (also, DoS attack) is an attack on a computer system or network that causes ... the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational resources of the victim system." PhishFighting.com only submits data entries once every 20 seconds, which only works out to 180 calls an hour. Far short of the many 1000's of calls needed to create a DOS attack. It's not our goal to consume the Phisher's bandwidth, rather it is to provide so much data that the Phisher can not benefit for stolen valid data. Basically adding his needles to a haystack."
They tell you different ways to determine the "real" url.
"There are several ways to determine the real url hidden in the email.
In Firefox: Right click on the link and select "Copy link location". Then paste (Ctrl+V) the link into the PhishFighting.com URL box on the home page.
In IE: Right click on the link and select "Copy shortcut". Then paste (Ctrl+V) the link into the PhishFighting.com URL box on the home page.
Click the link and copy the URL. (Caution: Hazardous)
View the source html of the email and locate the hidden link. (Safe method)
Hover over the link and read/copy it from the "tooltip" or the bottom of the browser window. (Safe method)"
posted on April 25, 2006 06:06:25 AM new
it's pretty cool. after you enter the url it opens that webpage with false id in it and you have to click the submit button and try and log in. you have to keep doing it when the allowed 20 seconds elapse but hey if you're bored give it a whirl.
