The truth is that those who rely on this sort of cheating, they are victims no more or no less than a simple social engineering maneuver that in many cases, has a relatively unpalatable effectiveness and intended to carry out phishing attacks.
This situation makes complete evidence levels (im) maturity that still exists in prevention and the need to raise awareness about the true scope and safety implications of the concepts of confidentiality and privacy.
In this sense, a new phishing campaign is seeking to capture the attention of users who use popular instant messaging client from Microsoft, MSN. That is, almost 90% of people.
Behind a hedge under the slogan "Verify who blocked you on their msn contact list", a campaign that lies strategically and with patience is getting usernames and their passwords for all those interested in finding out who of your contacts have blocked ... I still don't understand it :(From a technical standpoint, under the IP address 121.54.174.85 (Hong Kong Hong Kong Sun Network Limited) are housed a significant number of domains that redirect to the same fraudulent. These domains are:
ahem-they-blocked-me.com
cindrella-blocked-me.com
damnn-they-blocked-me.com
did-they-block-you.com
face-blocked-truth.com
find-reason-of-being-blocked.com
finding-who-blocks.com
friends-block-buddies.com
grab-block-status.com
grab-my-block-status.com have-they-blocked-you.com
heroes-never-block.com
how-come-they-block-me.com
im-fedup-of-being-blocked.com
im-sad-im-blocked.com
ima-checking-block-status.com
jesus-he-blocked-us.com
kephsa.why-do-they-block.com
lame-friends-block-you.com
leme-check-block-status.com
mean-friends-block.com
mjzfx0.why-do-they-block.com
notice-they-blocked-u.com
oh-i-was-blocked.com
omg-they-blocked-me.com
phew-they-blocked-me.com
phewww-seems-i-am-blocked.com
puff-im-blocked.com
pwdgds.grab-my-block-status.com
sad-i-was-blocked.com
see-they-blocked-me.com
tchv9l.find-reason-of-being-blocked.com
they-were-haha.com
ufff-i-was-blocked.com
urr-he-blocked-us.com
weird-i-was-blocked.com
who-let-me-block.com
why-do-they-block.com
why-my-friends-block.com
wooh-im-blocked.com
It's extremely important to take precautionary and preventive measures necessary to avoid being victims of such techniques, extremely simple to implement and extremely effective for those who aren't aware of them.
In this case, it isn't implementing a security solution at full speed but common sense. To access information on the website only legitimate and verify the existence of security measures that ensure the encryption of data.
Above all, don't ask him how to get lots of information on different authentication credentials for web services and publish them on the Internet without restriction :)
Related information
Nivel de (in)madurez en materia de prevención
Phishing Kit. Creador automático de sitios fraudulentos
Phishing Kit In-the-Wild para clonación de sitios web, versión 2
Phishing Kit In-the-Wild para clonación de sitios web
Estado de la seguridad según Microsoft
Phishing y "cuentos" en navidad
Phishing para American Express y consejos
Jorge Mieres
No comments:
Post a Comment