feeds
  • Page 1 of 1
  • 1
Forum moderator: Pirate, shadychiri, SauROn  
Pirate Forums » Infodesk » Billboard » Beware of Rapidshare Phishers!
Beware of Rapidshare Phishers!
Date: Thursday, 13 Jan 2011, 6:28 AM | Message # 1 :
Messages: 1461
VIP of the month
Likes & Hates:[4]
Reproofs:
Respect
[ ]
Offline
Rapidshare Phishing, for those of you that don't know, is a fake Rapidshare web site. It is made to steal your account information and to steal your credit card (or any payment method) if you decide to sign up for a premium account.

The login page at rapidshare.com uses SSL-protection with the following Encryption Protocol: TLS v1.0 256 bit AES (1024 bit RSA/SHA).
A phishing site in 95% of the cases, doesn't use encryption, for "plain text" password procurement.
There are 2 easy things that make the original login page of rapidshare https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi

genuine:

* The URL contains "https://", not "http://" Most information is transmitted in clear text so that anyone can read it. HTTPS defines a method for encrypting messages so only the recipient can read it. HTTPS stands for Hyper Text Transfer Protocol Secure (or with SSL - Secure Socket Layer) and represents a TCP/IP protocol that is used by World Wide Web servers and Web browsers to transfer and display hypermedia documents securely across the Internet.
* The digital certificate.

1. For Firefox users, the whole address bar turns yellow and a small lock appears in the right of it, and in the right bottom of the window.
2. For Opera users, in the address bar appears a yellow space wich contains a small lock and then the name of the certificate: "RapidShare AG (CH)"
3. For Internet Explorer users, in the right bottom of the there's a small yellow lock which shows us that a certificate is present.
4. For any other browsers, search for a small lock either in the address bar, either at the bottom of the window.

Of course, advanced hackers can create fake certificates to trick users, but almost every browser is able to detect fake or suspicious certificates. (Issuer name missing, for example). Scammers can also configure their web server so that deceptive SSL certificates won't trigger an alert in the user's browser. "One of the SSL encoding methods is "plain text". Most SSL servers have this disabled by default, but most browsers support it. When plain text is used, no central certificate authority is consulted and the user never sees a message asking if a certificate should be accepted (because 'plain text' doesn't use certificates). Keeping that in mind, the little lock icon may not even indicate an encrypted channel. The little lock only indicates an SSL connection." A technique called visual spoofing offers another method to present a "lock" to visitors on a Scam phishing site. The technique alters the user interface of the web browser, substituting images for parts of the browser interface that would normally help users detect the fraud. Javascript links launch a new browser window without scrollbars, menubars, toolbars and the status bar - which allows the scam artists to substitute a fake status bar containing the URL for a legitimate site, along with an image of a "lock" indicating a secure SSL site.

But then again, some have created a way to make the certificate popup box look genuine, so the best method would be to check the ssl ("https://"). This is not limited to just Rapidshare. Any of the upload sites can be made into Phishers. If you suspect you have entered your info on one of these sites...PLEASE change your password immediatly. Only you are responsible for your actions if you fall for it. Just like anywhere else on the net, you HAVE to be carefull. Always a scammer looking for prey.

This is one reason why we don't allow live links to be posted. It's for your protection as well as ours and as a community. If you suspect a Phishing link, please report it with the word "phishing" and it will be looked into. We as a community, have to keep aware of these thieves and stay on top of it. One day it could be your account that has been stolen.

One example of what a Phish site looks like. If you are logged into your account automaticly when you visit Rapidshare or you have direct downloads checked in your settings, you should NOT get this page when you click a download link.
TIP: If your on your own private computer, try to stay logged in all the time and have "direct downloads" enabled in your account options. That way if you go to a Rapidshare link page and it asks you to put in your login info after you click "premium" choice to download, it is a fake.

But Remember....NEVER click live links on CouchTater that lead anywhere outside the forum walls as we do not allow them. We may not catch them in a minute....but we will take care of them.

Tip: Remember to LOCK YOUR ACCOUNT...it prevents your email and password from being changed...and DON'T use FireFox to save your password!






WGTOOLS
Date: Thursday, 17 Nov 2011, 1:11 PM | Message # 2 :
Messages: 1333
Likes & Hates:[2]
Reproofs:
Respect
[ ]
Offline
thanks mate I wasn't aware of this much

Don't Get High with Your Own Supply



WGTOOLS
Pirate Forums » Infodesk » Billboard » Beware of Rapidshare Phishers!
  • Page 1 of 1
  • 1
Search: