Posted on May 12th, 2009
A two-step scam, put together quite simply.
Let's take a look at the message sent by the phishers. It seems they did not bother to send the messages from a spoofed e-mail address and used something simple: modes09@mode.com.
Clicking the link in the message takes us to http://spa10.com/icons/css/csm/ssl/activare.php?logare/CAM10:0000_tvDvkC3FgGpYVy7BvlReNQ:12c58o847? a page that asks us for the following information:
In this scam too, the menu is not functional, probably so that potential victims cannot navigate away from the page with the form. The domain has no connection to the Bancpost name, and SSL is completely absent.
Once all the data has been entered, we are redirected to http://spa10.com/icons/css/csm/ssl/activat.php, a page that redirects us within a few seconds to the official Bancpost site.
At the time this article was posted, the pages are still up and running, and it seems the domain has not been reported as a phishing site.
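The indicators noted above (a host unrelated to the bank, no TLS, and a path that borrows words such as "ssl") can be checked mechanically. The following is an added example, not code from the original post; the official domain `bancpost.ro`, the `TRUST_WORDS` list and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the bank's legitimate domain; it is not stated in the post.
OFFICIAL_DOMAINS = {"bancpost.ro"}
# Assumption: words that suggest security or login when used in a URL path.
TRUST_WORDS = {"ssl", "secure", "login", "logare", "activare"}


def is_official(host, official=OFFICIAL_DOMAINS):
    """True if host is an official domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in official)


def phishing_indicators(url, brand="bancpost"):
    """Return the indicators described in the post that apply to this URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    found = []
    if not is_official(host):
        found.append("host-not-official")
    if brand not in host:
        found.append("brand-absent-from-host")
    if parts.scheme != "https":
        found.append("no-tls")
    # Path segments that borrow security vocabulary while the scheme is plain HTTP.
    segments = {s.split(".")[0].lower() for s in parts.path.split("/") if s}
    borrowed = sorted(segments & TRUST_WORDS)
    if borrowed and parts.scheme != "https":
        found.append("trust-words-in-path:" + ",".join(borrowed))
    return found


# The two URLs quoted in the post, plus one constructed legitimate URL for contrast.
SAMPLES = [
    "http://spa10.com/icons/css/csm/ssl/activare.php"
    "?logare/CAM10:0000_tvDvkC3FgGpYVy7BvlReNQ:12c58o847?",
    "http://spa10.com/icons/css/csm/ssl/activat.php",
    "https://www.bancpost.ro/",  # constructed
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(u, "->", phishing_indicators(u) or "no indicators")
```

The suffix match in `is_official` is anchored on a leading dot, so a host such as `bancpost.ro.spa10.com` is not mistaken for the bank's domain.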




May 14th, 2009 at 4:08 pm
Since they don't seem to use any captcha or other anti-bot method, I wonder whether it wouldn't be useful to implement a little script to fill them up with umpteen thousands of fake records. Even if someone with real data slips in among them, it will be hard for them to separate out the fakes.
May 16th, 2009 at 7:44 pm
Lame phishing.
Even I can do better…