page 1 of 1
Comments: 14 | Views: 9003
#Jan 15th, 2006 @ 8:09 PM
Shiv
Shiv
Life is beautiful :)
i somehow found this but i doubt how many others might find it. i received an email from so called ebay user saying that she/he paid me and that i didn't reply. the first thing is that i didn't give that email id to ebay account i have. but when i clicked it opened a web page with the link text 

htps://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&item=6436472319&sspagename=ADME:B:AAQ:UK:1 

now just click on it and u will go to a web page that looks like ebay but it is some other website.this one -->
http://ns.clavisklw.ch/~newsletter/ws/index.htm

It asks for ur ebay username and password. i thought it was time for me to install the phishing filter add-in for my msn search toolbar . i downloaded it and just to see a dialog that the add-in is only for winxp . i m having windows 2003 std. how diff is it from win xp. guys at msn incharge of this add-in please update it . phishing is in a growing stage, try to eradicate before it is found out by even more troublemakers as just another weapon in their collection and u can do it only if it can be used by all .

i wanted to warn other niners too about this .but i think all u guys are smart enough to find it right Wink

EDIT: i edited the title now .so hope it is perceived correctly
#Jan 15th, 2006 @ 8:11 PM
Cybermagellan
Cybermagellan
Live for nothing, or die for everything
Thanks for the heads up...I have a friend that works at eBay that can handle this.
#Jan 15th, 2006 @ 8:15 PM
Shiv
Shiv
Life is beautiful :)
thanks a lot Cybermangellan. Ebay forcing this web site is a bonus i didn't think of Smiley .
#Jan 15th, 2006 @ 11:05 PM
Stephen
Stephen
Ahmmm.... I am confused.....

The URI does not point to e-bay....

The URI starts with http://3587681754/....

You don't need the toolbar for that just hover your mouse over the URI
#Jan 15th, 2006 @ 11:43 PM
Shiv
Shiv
Life is beautiful :)
ofcourse i don't need it . the point i made in here is that the phishing filter does not install on my system , a win 2003 server. now don't tell me i need to know these stuff when i have a server OS installed. My mom and dad use this system can u expect them to be thought how to check if any link is good or bad ?

if u r confused here is how the link was in the email


htps://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&item=6436472319&sspagename=ADME:B:AAQ:UK:1


and the subject of the email was " Question from eBay Member : coonie2c"

Ps: yes i know it only has htps instead of https and there might be some more but thats not what i am trying to say over here .
#Jan 15th, 2006 @ 11:48 PM
cheong
cheong
Stephen wrote:
Ahmmm.... I am confused.....

The URI does not point to e-bay....

The URI starts with http://3587681754/....

You don't need the toolbar for that just hover your mouse over the URI

Yes. But most internet users have no idea about this... (Or just doesn't care when attempt to click on the link)

Anyway, querying the ip 213.215.173.218 return this:

Initiating server query ...
Looking up the domain name for IP: 213.215.173.218
(The domain name for the specified IP address could not be found.)
Connecting to the server on standard HTTP port: 80
[Connected]  Requesting the server's default page.
The server returned the following response headers:
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2006 07:18:10 GMT
Server: Apache/1.3.26 (Unix)  (Red Hat/Linux) PHP/4.2.2
Last-Modified: Sat, 19 Jun 2004 21:06:55 GMT
ETag: "39c6d-71c-40d4aaef"
Accept-Ranges: bytes
Content-Length: 1820
Connection: close
Content-Type: text/html
Query complete.

Showing that's Linux server without reverse DNS query configured.
#Jan 16th, 2006 @ 1:34 AM
blowdart
blowdart
Peek-a-boo
Shiv wrote:
i m having windows 2003 std. how diff is it from win xp. guys at msn incharge of this add-in please update it .


Well IE is locked down more by default.

I can't really fault MSN for this, if you're running Server on your workstation it should be safe to assume you have a clue and know better than to click on links in bogus emails. And of course MSN is aiming at consumers who will be running XP. Unless they're one of those people who just *must* have advanced server on their gaming laptop because they saw it on a torrent and thought it would make them more 3l1t3, then complain because themeing and directX are off by default.

What I can fault MSN for its the speed of their phishing list. Netcraft's toolbar caught a lot more URLs in my limited testing than MSN did, and it provides a way to submit new URLs easily.

Of course Netcraft's toolbar has it's own problems, for example if you try to open a new instance of IE which goes to an HTTPS:// url, for example by clicking a link in an email, or starting windows update then IE will crash until you turn the toolbar off.
#Jan 16th, 2006 @ 4:45 AM
Stephen
Stephen
I have to agree there if you are running server and you are clicking any old link from your e-mail without looking at what you are clicking you are asking for trouble.

Remember that people will always get an e-mail with the latest scam well before any toolbar plug-in does.

As for Paypal e-mails my primary e-mail account is not tied in any way to e-bay or paypal. And I have received over 30 Paypal fakes in the past 3 months.

They come in and they are forwarded straight away to spoof@paypal.com

And how much did you edit from your orginal post, I was sure that there was something in there saying that you thought this was from a real e-bay user and somehow it was going through the e-bay system and re-directing from internally on e-bay or something like that. The original context of my message was regarding your original message and not a edited version after the fact.Perplexed

#Jan 16th, 2006 @ 8:24 AM
Shiv
Shiv
Life is beautiful :)
man! let me make some things clear if i can torrent the OS i really wouldn't spend wasting time posting for help now would i? win 2003 is the only legal version i got hence i m using (stuck with) it .

now to the other part Stephen, i edited only the title nothing else.

this is my first experience with phishing and i reported it to others thinking that might help and requesting the guys at msn phishing add-in to make it work in windows 2003 as well.now could u please stop this . i couldn't stand this . if any of u like to continue please u may,i may not interrupt in this thread again.
#Jan 16th, 2006 @ 8:28 AM
ScanIAm
ScanIAm
On a scale of 1 to 10, people are stupid.
Shiv wrote:
man! let me make some things clear if i can torrent the OS i really wouldn't spend wasting time posting for help now would i? win 2003 is the only legal version i got hence i m using (stuck with) it .

now to the other part Stephen, i edited only the title nothing else.

this is my first experience with phishing and i reported it to others thinking that might help and requesting the guys at msn phishing add-in to make it work in windows 2003 as well.now could u please stop this . i couldn't stand this . if any of u like to continue please u may,i may not interrupt in this thread again.


Doesn't Windows 2003 come with client licences? Wink
#Jan 16th, 2006 @ 8:35 AM
AndyC
AndyC

I'd hazard a guess that deleting the first line in the LaunchConditions table of the MSI (using e.g. Orca) would do it, as it currently prevents installation on anything other than XPSP2.

Note: I haven't tested it and I'm not about to. You do this at your own risk.

The condition you want to remove reads:

(VersionNT = 501 AND ServicePackLevel > 1)

 

#Jan 16th, 2006 @ 10:10 AM
Stephen
Stephen
Shiv,

I apologise if you took offense, I presumed that anyone running Windows 2003 Server as a desktop OS would have come across a phising scam or two before. Edit: And Apology about change of post remark. My own personal confusion

Phishing is a huge problem on the internet and I think there are many companies trying to do as much as they can. Instead of the MSN toolbar you could head over to E-Bay and install there toolbar to protect from E-Bay and Paypal Scams.

You can have a look at the latest Phishing Scam that is running on some poor sod's PC in Illinois utilising a HSBC Bank and WMF Exploit scam.

http://www.f-secure.com/weblog/#00000779

And I think Orca would let you install the MSN Anti-Phishing Toolbar though I would be a little worried on how that would hurt the IE Security Enhanced Configuration. You could try running the setup with 'XP Compatability mode' first (Right click - Compat - Select XP). I personally won't be trying the phishing add-in on W2K3 anytime soon though.

And ensure you have an up2date pc from Windows Update

I say  the last one as a mate shocked me when I was there on the weekend and had to go to a web site to show him how to start the Calc.exe file from WMP via a Web Page. He had the yellow icon in his task bar waiting for the updates to get installed and he said he hadn't got around to it yet. He had 3 PC's there to fix with Spyware problems Perplexed ) 4 Updates later and a reboot he was now fine. So many people are not updating it is scary.
#Jan 16th, 2006 @ 10:18 AM
Shiv
Shiv
Life is beautiful :)
thanks a lot stephen. i was feeling flames all over me during my reply so it  had some hard words. your reply has made me a lot more comfortable Smiley
#Jan 16th, 2006 @ 10:49 AM
Stephen
Stephen
I'm too much a 'propellor head' than a great converer of Engish sometimes:P
#Jan 16th, 2006 @ 12:11 PM
Cybermagellan
Cybermagellan
Live for nothing, or die for everything
My friend pointed out...

http://pages.ebay.com/help/account/mpi-account-theft-spoof.html

Be sure you are on an eBay page

Before signing in, please check the Web address in your browser. If you click on a link in an email, verify that the Web address in your browser is the same as the address shown in the email. The Web address of eBay sign-in pages begins with: https://signin.ebay.com/. Never type your eBay User ID and password into a Web page that doesn't have 'ebay.com" immediately before the first forward slash (/).

Some members have reported attempts to gain access to sensitive information through email requests that are made to appear that they were sent from eBay. These requests often include links to Web pages that will request that you sign in and submit information. At eBay, we identify these as 'spoofed' email or Web sites. If you are concerned about receiving email of this nature, please review eBay's suggestions to minimize unwanted email.

eBay will never ask you to provide credit card numbers or other sensitive information through email. If we request information from you, we will always direct you back to the eBay site. With very few exceptions, you can submit the requested information through your "My eBay" page. If you have received email requesting that you sign in or provide personal information that you suspect was not sent by eBay, please refer to the following information.


page 1 of 1
Comments: 14 | Views: 9003
Microsoft Communities