How do phishers do this? - Page 3

guids · #21 02-23-2006, 10:44 PM

No, they arent really really good. this is the legit site. It looks like they sent you an email out, and [censored] the url spoofing up. Its either they messed the email up or, this email is actually from chase.

yasher · #22 02-23-2006, 10:46 PM

jman,

my question was more about the ability to register the website with the people who make websites = IP addresses. domain name servers or whatever. ya know what im sayin?

warik,

well i agree that there are "quite a number of differences," but there are a shitload of similarities as well, which would lead me to be suspicious before i was trusting.

that being said, i think your research is solid and the page is legit.

yasher

Warik · #23 02-23-2006, 10:48 PM

I think the best thing for OP to do here is to login to his Chase account via the www.chase.com site and see if "[email protected]" was really added as his new e-mail account.

Los Feliz Slim · #24 02-23-2006, 10:48 PM

All I know is that I don't even really use Paypal, but I've got to have 500+ email addresses listed on that bad boy.

jman220 · #25 02-23-2006, 10:49 PM

[ QUOTE ]
jman,

my question was more about the ability to register the website with the people who make websites = IP addresses. domain name servers or whatever. ya know what im sayin?

warik,

well i agree that there are "quite a number of differences," but there are a shitload of similarities as well, which would lead me to be suspicious before i was trusting.

that being said, i think your research is solid and the page is legit.

yasher

[/ QUOTE ]

Yasher,
I doubt many of the domain registries police registration requests actively to prevent possibly infringing names. This is why it is a frequently litigated area for copyright and trademark infringement cases.

Warik · #26 02-23-2006, 10:50 PM

[ QUOTE ]
well i agree that there are "quite a number of differences," but there are a shitload of similarities as well, which would lead me to be suspicious before i was trusting.

[/ QUOTE ]

Understood, but I could make an exact 100% clone of the actual chase.chaseonline.com site in 15 minutes and that wouldn't prove anything... well, except maybe the blatant retardation of a phisher who can't do the same to reduce the likelihood of suspicion.

I'd be suspicious initially as well, usually because when I changed my e-mail with AMEX all they asked me to do was click on a link and not enter any personal info or login/pw.

guids · #27 02-23-2006, 10:51 PM

[ QUOTE ]
I think the best thing for OP to do here is to login to his Chase account via the www.chase.com site and see if "[email protected]" was really added as his new e-mail account.

[/ QUOTE ]

Ya, he wasnt. I was doing some reasearch, typed the email into google groups, and it is a phisher. I think you may have either messed the links up, or the phisher didnt spoof it right.

Google groups posting

AvivaSimplex · #28 02-23-2006, 10:52 PM

[ QUOTE ]
No, they arent really really good. this is the legit site. It looks like they sent you an email out, and [censored] the url spoofing up. Its either they messed the email up or, this email is actually from chase.

[/ QUOTE ]That's what it is. You should log on to your chase account normally (not following their link) and make sure that email address isn't actually added to your account.

jba · #29 02-23-2006, 10:52 PM

ok another thing these bastards can do is use non standard alphabetic characters that display on most people's computers as a character for the roman alphabet. for example instead of chase.com they register chàse.com and in the links maybe you don't tell the difference and with some characters/fonts it's very hard to tell, but if you click the link it goes to chàse.com which is a scam.

so to be extra special safe do two things
- don't click the link, type the address of the web site and find your stuff from there
- when you fill in this info there should always be a closed lock on your browser showing that it's secure, make sure it is, and you can click on it to view the security certificate, this isn't 100% because they can create some shill company called chase and get the cert, but if it says "r.j.'s exotic services" you'll at least know better

suzzer99 · #30 02-23-2006, 10:55 PM

This is a legitimate email and a legitimate site. asdfsdfiuyhsdjfh.chase.com is still owned and can only be accessed by chase.com. Now if it's chase.chasebank.com or something like that, then it's fake. Understand?

Edit: ok maybe not a legitmate email. Often these phisher emails will have genuine links in them to seem more authentic. Sounds like this one forgot the scam part.