The EuroSoft spamming is up and kicking through email and in any writable pages in the web.
Around this time last year, I’ve spotted this activity through Skype but the difference this year is that the spam trend uses shortened URL. Safari recognises some of the website and displays warning message “Suspected phishing site”, however not everything just like this site “http://best-mac-software.com/”.
So be careful and pay attention, you’ll never know you are already dealing with a typosquatted and fraudulent websites.
As I was reading my RSS feeds, I just noticed that Aviv Raff disclosed two vulnerabilities found in iPhone on Jewish new year (Oct 2). But, to my surprise the phishing vulnerability isn’t new to me, this is bit old, in fact I created a crafted email with spoofed URL on it, as inspired by its original author Juan Pablo Lopez Yacubian.
This topic has been blogged last April 24 – Zero Day Exploit: Safari Address Bar URL Spoofing
Since this vulnerability affects Safari 3.1, obviously iPhone users are affected as well. I just created this email to show that this vulnerability exist.
Notice the URL, you’ll find it creepy ‘coz in Desktop email browser you will usually see the complete URL in the lower right side bar. But in this case, the attacker can simply create a hyperlink to hide it and it’s not that obvious!
Upon clicking it, here’s what you’ll find …
Google in URL bar and Yahoo on the content ? Yes, this is the security flaw found in Safari. This happens when you input a URL containing special characters followed by “@” which indicates the actual hostname. The special characters was crafted long enough to hide the URL of the page.
However, once you minimize the page, the URL displayed should ring a bell, that this is something fishy!
The lesson here is to be aware and stay safe!
These are phising sites that employs social engineering technique to lure MSN users in giving out their email address and password.
It certainly looks and sounds real, BUT IT’S NOT!
This site is a scam luring MSN users to provide their login credentials, then after that, it will take control over their account.
Once the user entered his/her login credentials, a message box will be displayed claiming that “..users’ privacy is 100% guaranteed”. However, users’ email address and password are sent over the network in clear text form. So, where’s the privacy here?
Let’s start with this screenshot below.
Let’s perform DNS lookup with the FQDN – 371233.cn.
The screenshot below is a Myspace phising site.
In summary, phising and scam spams are cross-platform web base attack. It aims to steal your identity and your money!
Mac and iphone users are not exempted.