BEWARE: Phishing Alert For Yahoo Email Users!

Replies

• 

  Kaustubh Katdare

  If Yahoo really wanted to check inactive accounts; they could easily verify your last login. So you can be sure that such emails are phishing attempts.
  
  Note that the look & feel of such emails may fool you.
• 

  shalini_goel14

  Oh I guess, I got similar mail long time back but my habit of ignoring most of the mails saved me from these hackers.
• 

  Ashraf HZ

  Yeah, I used to get e-mails on my Hotmail regarding that a couple of years ago. I just laugh at their attempts 😀
  
  One of my friends once did a phishing scam on his ex, so he can check her mail. *sigh*.. not sure if that is desperation or what.
• 

  silverscorpion

  I remember reading something similar about getting the passwords of other email accounts. I think I read it in Digit.
  
  In one issue of Digit, there was an article saying, if you want to get the password of some other email accounts other than your own, you must send a mail to the mail server.
  
  

  Include information like you email ID. you password, the email which you want the password of etc. there was some format to be followed, like in 1st line there's some code and all..
  If you send a mail in this format to the address given in the article, the mail server will be confused. It'll think that this is a request for password by an authorized entity, and will mail the password to the address given in the mail. In this case, your email address.

  This is the info given in Digit. In the next month's issue of Digit, the editorial goes like this::
  
  

  There was tremendous response to the article describing how to get the password of other email accounts. However, no such scheme exists and the address given in the article was one of our own addresses. We got more than 15000 mails. We got more than 15000 emails and respective passwords. This shows how many people are eager for other email's passwords. This also shows a lot of people are unaware of internet's functioning. Lot of people take huge risks by these type of actions

  It goes like this. This is a phishing attack explained beautifully in Digit.
  Hope I'm clear!!
• 

  Saandeep Sreerambatla

  Good info SS and Biggie.
  
  Ash what's the update there?? did he read her mails?
• 

  slashfear

  Hi Guys,
  
  Thats a good waring..... Let me add some info about what I know about phishing ;-)
  
  There are enormous ways to phishing guys one way is as mentioned by bigie (but thats the very basic way to do phishing)
  And another way thats used (The old traditional way as well as effective way ) is you will get a mail with a link attached to it .... and when you click the link you will be getting a login page of what ever mail you are using (hotmail, yahoo, gmail etc...) asking you to login again (beware the phishing page will be exactly same as the original version) and when you do that the id as well as password will be sent to the attackers mail id.
  
  And there is another spam going around the web called as 419 spam, where the hackers just send you a friendly mail and become friend to you (an email friend) then finally they will ask you to help them by giving them money or transferring money to there account..... (in this type of phishing the hacker waits for a long time and will be polite to you always) the mail will be like this:
  
  

  [B]Title: I WILL LIKE TO KNOW MORE ABOUT YOU
  
  Hi dear,[/B]
  [B][I]How are you today?I believe that   you are doing well.
            I am more than happy to read your reply. Dearest like i   told you in my first mail, My name is  Ann Amudu from Ivory   Coast in West Africa.Presently i am residing in the refugee camp here in Dakar Senegalas a result of the civil war in my country.
  I am 23 years old girl 5'8" tall.My father Dr COL Ahmed Amudu was the  personal advicer to the former head of state(Late Dr Robert Guei)before the rebels attacked our
  house one early morning and killed him along side with my mum.It is only me that is alive now and i managed to make my way to a near by country Senegal where i am living now.Please I will  like to know more about you.Your likes and dislikes and what you are doing presently.I will tell you more about myself in my nextmail.
              Attached here is my picture.Waiting for your reply.
          Yours   Love ann[/I][/B] 
  

  When any one of you get a mail like this stating " I am from refugee camp in Dakar Senegalas " it is sure a spam because there is no refugee camp in that place.
  
  I get mails like this often and, i used to play with them a lot (It will be fun and a great time pass trust me......😉)
  
  The only thing you have to remember is be careful not to give your personal info to them, just waste there time (so that other innocents can be saved when you keep him busy 😁)
  
  
  
  Beware and enjoy guys...............😉
  
  -Arvind(slashfear)
• 

  Kaustubh Katdare

  Nice information Slashfear 😀
• 

  slashfear

  And one more tip guys,
  
  have a habit of deleting the cookies when ever you have finished checking mail or while using online shopping because all websites track the cookies of the persons accessing there website. so some websites owned by the hackers track the cookies for password and credit card info stored in your PC, and grab those cookies using a cookie catcher program and mis use your info.........😔
  
  ok stay aware guys...... hope this info was useful😉
  
  
  -Arvind(slashfear)
• 

  Harshad Italiya

  Win a Pendrive and Laptop for free also one type of phishing..
  
  Thanks for the information guys.
• 

  slashfear

  Thanks bigie ......................😁
  
  
  And if you guys have any doubts about hacking and how hackers work feel free to ask guys (I am a white hat hacker :sshhh😀
  
  
  
  -Arvind(slashfear)
• 

  Saandeep Sreerambatla

  What does white hat hacker mean?
• 

  slashfear

  Hey ES,
  
  White hat hackers, also known as "ethical hackers," are computer security experts, who specialize in penetration testing, and other testing methodologies, to ensure that a company's information systems are secure. Such people are employed by companies where these professionals are sometimes called "sneakers."
  
  I am not that expert and all but still can stop some hackers.............😁
• 

  Ashraf HZ

  English-Scared

  Good info SS and Biggie.
  
  Ash what's the update there?? did he read her mails?

  Yeah, he did. This was around 5 years ago though! I wasnt sure whether to be more surprised that he actually carried it out, or the fact he confessed to me in the first place 😛
  
  The technique he used is the same slashfear described as below:
  

  slashfear

  And another way thats used (The old traditional way as well as effective way ) is you will get a mail with a link attached to it .... and when you click the link you will be getting a login page of what ever mail you are using (hotmail, yahoo, gmail etc...) asking you to login again (beware the phishing page will be exactly same as the original version) and when you do that the id as well as password will be sent to the attackers mail id.

  I know at the moment, a really dangerous phishing method would a more enhanced version of DNS cache poisoning (the old technique was already rendered useless) discovered by Dan Kaminsky. Even if you indeed type the correct html address, hackers can insert a false IP address in the name server and eventually kick out the original one by spoofing the name server. If you type in CrazyEngineers, you can still be redirected to a hostile website. This is something beyond what users can protect against. For now, there are temporary patches that service providers and name server hosts are applying to combat this threat; but its a very slow rollout.
  
  Slashfear, do you know more about this? The article is here:
  #-Link-Snipped-#
  
  A nice diagram to describe the attack can be viewed here:
  
• 

  shalini_goel14

  [SPAM]
  Hey slashfear, cool to know that you are a hacker 😀. Why don't you give us tips about it in a separate thread in CS section.
  
  Thanks !
  
  [/SPAM]
• 

  Saandeep Sreerambatla

  slashfear

  Hey ES,
  
  White hat hackers, also known as "ethical hackers," are computer security experts, who specialize in penetration testing, and other testing methodologies, to ensure that a company's information systems are secure. Such people are employed by companies where these professionals are sometimes called "sneakers."
  
  I am not that expert and all but still can stop some hackers.............😁

  Interesting 😀 , suggest some thing i mean some topics in this white hat hacking / penetration testing as we will have some basic idea.
• 

  silverscorpion

  Good to know you're a hacker, Slashfear.
  I'm also interested in Computer security and Hacking and all.
  
  Btw, it'll be good if you start a thread and say something about the basics of hacking and security..
• 

  Saandeep Sreerambatla

  Yes SS you are correct , The Cryptography is also related to Information security and hacking .
• 

  slashfear

  Hey Ash,
  
  Yeap!!! 😁 I know about DNS Attack, let me explain....
  
  First understand What is DNS ? ;-)
  
  Domain name system (DNS) is like a directory assistance for internet.
  
  How DNS work? ;-)
  
  The user sends an query packet to the ISP (Internet service provider) name server which has a Cache, Root name server, .com name server, anybank.com name server etc... as in the diagram Ash has posted, so what happens is as follows :
  
  1) Type anybank dot com (it can be anything like www dot anybank dot com or www dot google dot com)into your Web browser and the query is sent to your Internet service provider.
  
  2) If anybank dot com's location isn't cached, your ISP's name server repeatedly searches the domain name system for it. Each search is assigned a 16-bit transaction ID for security and tracking. Responses to the searches must carry the correct transaction ID to be accepted by the name server.
  
  3) Eventually, anybank dot com sends an answer to your ISP: Our homepage is at XX.XXX.XXX.XXX. This authenticated address is cached.
  
  4) Then your browser connects you to anybank dot com (or what ever you have searched for...).
  
  So this is how a DNS work.........
  
  Now to have a peak into how the hack works (DNS Hack or attack): ;-)
  
  As ash mentioned DAN KAMINSKY figured out a way to fool the DNS server , this is how he did it (I am not going to illustrate the full descreptions of how to do it!!! because it is illegal, I dont want Hackers to emerge from CE ;-))
  
  1) The attacker tries to hijack anybank dot com by sending thousands of requests for fake Web pages (1.anybank dot com, 2.anybank dot com).
  
  2) The ISP gives each query a transaction ID (unknown to the attacker) and attempts to locate the pages.
  
  3) At the same time, the attacker sends hundreds of responses for each malicious request. Every answer includes a randomly generated ID number.
  
  4) Eventually one of the answers carries an ID that matches, tricking the ISP into accepting and caching the information. The now-legitimized answer contains false details about anybank dot com, such as the location of its servers. Legitimate answers from anybank dot com ("No such page exists") will now be rejected.
  
  5) Now users looking for anybank dot com get sent to the fake location already in the ISP's cache.
  
  6) Anybank dot com customers are now using a look-alike site built by the hacker.
  
  Ok now its time to see how to prevent this type of attack 😁:
  
  Most computers have 65,536 ports, but DNS commonly uses only port 53 for all queries and responses. The patch works by randomly changing the port number for each DNS request. Now any response to a request must contain an accurate transaction ID number and return to the same port. The change increases the odds of beating the system from one in 65,536 to one in 4 billion.
  
  
  Hope you guys understood what I said........
  
  
  -Arvind(slashfear)😉
• 

  slashfear

  Hi Guys,
  
  @scorpion, ES and Shalini
  
  Hmmmmm thread about Hacking 😁...... sound's good guys I would be glad to do that..., but I need Bigie's permission for that 😒! ( Because I am not quite sure that it is legal to post in this forum)
  
  If I can start a new thread for hacking ...... tell me what all I can post buddy.....
  
  And guys just drop in your requests here (what you wanna know) I will start a new thread in CS section.😉
  
  -Arvind(slashfear)
• 

  Ashraf HZ

  Great explanation slashfear!
  
  Well, instead of a thread about hacking itself.. how about some steps to take to combat hacking? 😀 What can we do to protect our computer as much as we can?
• 

  shalini_goel14

  Hey Slashfear, you have any ideas what all security related issues an individual should keep in mind while developing any web application and how he/she can incorporate best security in that application ?
• 

  slashfear

  Thanks Ash.......😁
  
  And good idea buddy!!! I think i can do that (combat hacking) 😉
• 

  slashfear

  shalini_goel14

  Hey Slashfear, you have any ideas what all security related issues an individual should keep in mind while developing any web application and how he/she can incorporate best security in that application ?

  
  Hey shalini,
  
  Yeap I can give tips on that 😉, (Let me tell what i know 😒) stay connected, Tips will be posted in the CS section very soon buddy!!!!! (Thanks for the idea 😁)
  
  
  -Arvind(slashfear)
• 

  gohm

  I sometimes make up crazy stuff to mess with them, just like all the "help me cash a check for millions of dollars after my rebel leader spouse has died" scams.
• 

  Ashraf HZ

  What kind of stuff do you make up?
  
  If I had the time, I would have set up an elaborate scheme. I'd tell them that I am working with Interpol ITC division (CIA & NSA are too generic) and have tracked the origin of the e-mail, as well as aggregated and compiled all data regarding the scammer by computer forensics. To avoid jail time, the scammer should cooperate with Interpol by providing name of his boss, their telephone numbers and locations so Interpol can prosecute them under Acts ITC/18/A3, 2005; ITC/23/F4, 2005; ITC-Q/32 and 33, 2006.
  
  Those acts do not exist, of course 😛