Aardvark <aardvark@aardvark.uk.tc> wrote in news:jnseal$ckb$1@dont-email.me:
> On Wed, 02 May 2012 14:35:47 -0500, Li'l Abner wrote:
>
>> "Ant" <not@home.today> wrote in
>> news:2JadnWezCv8m_DzSnZ2dnUVZ8iKdnZ2d@brightview.co.uk:
>>
>>> "Virus Guy" wrote:
>>>
>>>> If you try this first, I think you'll find it will work without having
>>>> the actual alpha-numeric code:
>>>>
>>>> hxxp://12345678.cw9.me/dd_****@off.com/12345678_ViewMsg
>>>
>>> Yes, that worked. I used example.com and got:
>>>
>>> src="http://j.maxmind.com/app/geoip.js"
>>> top.location.href = '/redir_main.php?to=some@example.com&cty=' +
>>> geoip_country_name();
>>>
>>> Redirected to:
>>>
>>> ww15.buwna.com/video_c29tZUBleGFtcGxlLmNvbQ==
>>>
>>> The string c29tZUBleGFtcGxlLmNvbQ== is some@example.com base64 encoded.
>>> Like you, I got a fake Login Live page. Although in English,
>>> some of the internal html text was Portuguese or Spanish (I can't tell
>>> the difference), e.g:
>>>
>>> meta content="El nuevo Hotmail ya está aquí. Es un sistema...
>>>
>>>> By social engineering - you mean my friend might have encountered a
>>>> fake hotmail login screen at some point in the past?
>>>
>>> Exactly; just like the page we're seeing here! Pretty much all the
>>> content is from live.com but when you press "sign in" the thief gets
>>> your account details. It's also tied to your email address by the b64
>>> encoded string.
>>
>> I bit on something like that a couple of days ago, but it had something
>> to do with a facebook page. Then a Facebook login page popped up and
>> Firefox automatically filled in my login credentials. I clicked "Login"
>> and the screen went away. But FaceBook never showed up.
>> The more I thought about it, the fishier it looked.
>> So I immediately logged into Facebook and changed my password.
>> As much as I preach to my customers about being careful what you click
>> on, I couldn't believe that I did it myself!
>
>
>
> What's Facebook?
>
> LOL.
Yeah, I know. I spend very little time on it. I only have 3 friends.
On FaceBook, that is... :-)
--
--- My mother never saw the irony in calling me a son-of-a-***** ---
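
The redirect chain quoted in this thread carries the recipient's address in the link, first in plain text and then base64 encoded. The following is an added example, not part of any poster's message: a check that flags URLs tagged with a mailbox in either form. The function names, the `cty` value and the benign URL are constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import unquote, urlsplit

# Standard-alphabet base64 runs long enough to hold an address ("a@b.co" -> 8 chars).
B64_RUN = re.compile(r"[A-Za-z0-9+]{8,}={0,2}")
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def b64_to_text(token):
    """Return the ASCII text a base64 token decodes to, or None if it is not one."""
    body = token.rstrip("=")
    body += "=" * (-len(body) % 4)          # restore padding a link may have dropped
    try:
        return base64.b64decode(body, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError):
        return None


def recipient_tags(url):
    """List (encoding, address) pairs for email addresses carried in a URL.

    Looks at the path and query only; a mailbox there means the link is
    personalised to one recipient, as in the redirect chain quoted above.
    """
    parts = urlsplit(url)
    haystack = unquote(parts.path + "?" + parts.query)
    found = [("plain", m.group(0)) for m in EMAIL.finditer(haystack)]
    for run in B64_RUN.finditer(haystack):
        text = b64_to_text(run.group(0))
        if text and EMAIL.fullmatch(text):
            found.append(("base64", text))
    return found


# Two URLs as quoted in the thread (cty value constructed) plus a constructed benign one.
SAMPLES = [
    "ww15.buwna.com/video_c29tZUBleGFtcGxlLmNvbQ==",
    "/redir_main.php?to=some@example.com&cty=Somewhere",
    "http://example.org/downloads/release_notes_2012.html",   # constructed
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", recipient_tags(url) or "no recipient tag")
```

The check only covers the standard base64 alphabet; a link using the URL-safe variant (`-` and `_`) would need its runs translated before decoding.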