close

Privacy guaranteed - Your email is not shared with anyone.

Welcome to Glock Talk

Why should YOU join our Glock forum?

  • Converse with other Glock Enthusiasts
  • Learn about the latest hunting products
  • Becoming a member is FREE and EASY

If you consider yourself a beginner or an avid shooter, the Glock Talk community is your place to discuss self defense, concealed carry, reloading, target shooting, and all things Glock.

paypal phishing site got hacked

Discussion in 'Tech Talk' started by David_G17, May 23, 2005.

  1. David_G17

    David_G17 /\/\/\/\/\/\/\/

    2,046
    0
    Oct 7, 2002
    one of those fake sites trying to persuade people to give their paypal info got hacked, lol.

    http://news.netcraft.com/archives/2005/05/18/online_vigilantes_fight_back_against_phishing_fraudsters.html

    As fraudsters continue to target their victims with increasingly elaborate phishing sites, the surprise appearance of anti-phishing vigilantes is now hampering their operations.

    A PayPal phishing site recently reported by the Netcraft Toolbar community was promptly taken down; not by the hoster or law enforcement agency, but seemingly by a vigilante with an interest in disabling such sites and protecting innocent web users:

    [​IMG]

    The phishing site was replaced with a warning page, created with the open source OpenOffice.org suite on Windows. The identity of "sickophish" is not known, nor is it known how he gained access to the web server to perform the act of vigilantism.

    Phishing sites are commonly found hosted on compromised web servers, where lack of security allows fraudsters to access machines and upload phishing content. If a fraudster exploits these security weaknesses without subsequently securing the machine, then online vigilantes are just as likely to exploit the weaknesses to go in and replace the fraudulent content.

    Another phishing site – this time imitating NatWest Bank in the UK – was recently defaced by The Lad Wrecking Crew, which has been involved in several previous defacements and even offers a selection of desktop wallpapers that can be placed on "captured" phishing sites.

    [​IMG]

    Typical messages added to captured sites include, "Were you looking for the bank that was supposed to be here? We trashed it because it wasn't real," continuing with, "You could have lost thousands of dollars of your hard-earned life-savings! There is no need to thank us, really."

    While phishing is undoubtedly an illegal activity, the legality of defacing phishing sites is also quite questionable, but in cases observed by Netcraft so far it is reasonable to assume that only the fraudsters themselves have been disadvantaged.

    Netcraft provides a free anti-phishing Toolbar which offers protection against phishing sites, as well as providing the opportunity to report new phishing sites. So far this year, the Netcraft Toolbar community has reported over 6,600 different phishing sites, and this list of sites is also available as a feed suitable for integration with web proxies and mail filters.
     
  2. fastvfr

    fastvfr Ancient Tech

    2,344
    0
    Mar 28, 2001
    SW Oregon
    There is quite a community of hackers working to better the Net these days, from what I gather.

    Good for them.

    The best part is, they are using the same vulnerabilities that the phishers used to hijack those pages and URLs in the first place!

    Poetic justice at its finest.
     


  3. MB-G26

    MB-G26 Bk2MiscResource Lifetime Member

    7,103
    1,200
    Oct 9, 2001
    Missing Sharon
    Wish they c/disable multiple-repeat dictionary spammers the same way!
    And the original phishers' legally recoverable damages would be what, exactly?
    Hehehehe.....
    m