Comments on: New Facebook Phishing Attempts http://www.snipe.net/2009/05/new-facebook-phishing-attempts/ Bitterness never tasted so sweet Thu, 29 Jul 2010 22:45:06 +0000 hourly 1 http://wordpress.org/?v=3.0 By: Chris Jester-Young http://www.snipe.net/2009/05/new-facebook-phishing-attempts/comment-page-1/#comment-4674 Chris Jester-Young Tue, 26 May 2009 11:25:03 +0000 http://www.snipe.net/?p=1826#comment-4674 I look at the address bar to ensure that websites are what they should appear to be, but! I've had one time where I got stung when I belatedly realised that I entered my credit card info to an http address. (It's a site I frequently use, and usually it's at their https address, but that one time....) I ended up calling up the bank, etc. Some sites tell people to actually _type in_ the address if logging in is required. This gets around a "lookalike" attack where someone makes a website called facebοοk.com (or facebοok.com, or faceboοk.com; you get the idea) to phish. This sort of attack exploits IDNs (internationalised domain names), and the fact that the Greek omicron looks in most fonts exactly identical to the Latin letter o. <abbr><em>Last blog post: <a href="http://stackoverflow.com/questions/861257/for-kernel-os-is-c-still-it/861286#861286" rel="nofollow">Answer by Chris Jester-Young for For kernel/OS is C still it</a></em></abbr> I look at the address bar to ensure that websites are what they should appear to be, but! I’ve had one time where I got stung when I belatedly realised that I entered my credit card info to an http address. (It’s a site I frequently use, and usually it’s at their https address, but that one time….) I ended up calling up the bank, etc.

Some sites tell people to actually _type in_ the address if logging in is required. This gets around a “lookalike” attack where someone makes a website called facebοοk.com (or facebοok.com, or faceboοk.com; you get the idea) to phish. This sort of attack exploits IDNs (internationalised domain names), and the fact that the Greek omicron looks in most fonts exactly identical to the Latin letter o.

Last blog post: Answer by Chris Jester-Young for For kernel/OS is C still it

]]> By: GetWeb http://www.snipe.net/2009/05/new-facebook-phishing-attempts/comment-page-1/#comment-4666 GetWeb Tue, 26 May 2009 03:28:12 +0000 http://www.snipe.net/?p=1826#comment-4666 [...] Brought to you by Feedtwitt.info Visit the Original Page . GETWEB holds no relation with the website. . Please see our Privacy [...] [...] Brought to you by Feedtwitt.info Visit the Original Page . GETWEB holds no relation with the website. . Please see our Privacy [...]

]]> By: snipe http://www.snipe.net/2009/05/new-facebook-phishing-attempts/comment-page-1/#comment-4663 snipe Mon, 25 May 2009 19:35:10 +0000 http://www.snipe.net/?p=1826#comment-4663 Neil - This is OS-agnostic. Its not installing any software, so Linux users are also vulnerable. Neil – This is OS-agnostic. Its not installing any software, so Linux users are also vulnerable.

]]> By: Neil Schneider http://www.snipe.net/2009/05/new-facebook-phishing-attempts/comment-page-1/#comment-4662 Neil Schneider Mon, 25 May 2009 19:33:36 +0000 http://www.snipe.net/?p=1826#comment-4662 Friends don't let friends run Windows. Friends don’t let friends run Windows.

]]>