Saturday, 26 June 2010

Possible attack page

Swami Nikhilaananda said:
"Check before you click"

There are a lot of malicious sites out there, and they have innumerable ways of getting to you. Some of them give you the software that you need for free (pirated) and they would have put a payload of malware, trojans etc. in it. Or many pornographic sites have had a history of installing random toolbars and embarrassing spyware on your system, some sites that redirect you to some other sites, some lawyer or old lady who has a large amount of money wanting to share that wealth with you for some strange reason (scam, incidentally) and so on...

Of course, you are aware of these. I just found a new one, and thought I must share it with you guys. I got a mail from facebook, which the facebook team had sent. A very neatly designed mail, that masquerades exactly like the facebook type pages. Just have a look at it

(Just click on the image to enlarge)

It says that the facebook tem has sent me a message. It also has the mail domain name as facebook. It also has a link that shows facebook. However, when you move the mouse arrow over it, read the link to which it is pointing to in the status bar. This is not facebook and is some malicious site.

Set your browser security settings to high, and install an antivirus as well, just to be careful. Of course, another typical workaround would be to type the link that has been sent rather than clicking. This, I don't believe is feasible because the links are typically too long, and have too many random characters, and we are just plain lazy to type to press so many buttons, when we could have just pressed one.

1 comment:

Ravikiran said...

>>>Set your browser security >>>settings to high, and install >>>an antivirus as well, just to >>>be careful.
Browser security settings will only help little if its an upcoming new attack. As soon as you hit the page, if javascript runs, God bless the user.
I have my own opinion abt AV's, they are just there to put some nice flowery "on the surface protection + eating hard earned money of ppl :)".
Ultimate paranoids use Noscript which is deadly but not recommended.

>>>Of course, another typical >>>workaround would be to type the >>>link that has been sent rather >>>than clicking.
I have this insane habit of never clicking through anything, do a right click(inevitably u hover and bound to see URL) and "open in a new/foreground(tabmixplus addon)". Although very difficult initially, it will save a lot of trouble.

P.S: "Only the Paranoids survive" - Tom Maher