Saturday, November 06, 2004

something 'phishy' is going on

I knew I should have suspected foul play the minute I got the following email. But naive as I still am, I ended up submitting my email address and password to pick up an Eid card before realizing that something 'phishy' is going on.

Here is a part of the email I received yesterday:

From : MSN Greeting []
Reply-To : "MSN Greeting" []
Sent : Friday, November 5, 2004 5:45 AM
To : Hafsa Ahsan [my email address]
Subject : Sumera Ali sent you an Eid Card.

Dear Friend,
Sumera Ali [ ] has sent you an Eid-Card from is all [standard text]
To view your e-card, choose from any of the following options:
Click on the following Internet address or copy & paste it into your browser's address box.

Clicking on the link above took me to a website cleverly designed to resemble MSN Greetings where I was required to enter my email address and password to pick up my card which I stupidly did. Upon entering it I was told to select a card to send it elsewhere. Frustrated, I closed the window. Today, after re-clicking on the above link I noticed that it redirects to a website

Interestedly if you copy and paste into the location bar the message that the "website cannot be found" turns up.

Maybe this is a false alarm. But it does look like someone is out to get people to enter their email addresses and passwords through a sophisticated form of hacking.


Teeth Maestro said...

welcome to the real world - it does look surprisingly similar EXCPET for the side Yahoo bar - but i would write an emial out to Geocities to shut down such fraud. Ive been bombarded with CITI banks's emails its a GIF image but if you scroll over it is actually an image with an unknown IP address redirection. Be very careful hackers are very creative.

All the best

Merlinx said...

There are several dead-giveaways that make it clear the message is a hoax from some hacker or spammer. For one no 'normal' user or person would have their name setup as 'MSN Greeting' (i.e. in the 'From' and 'Reply-To' fields). Secondly, usually spam-mails often have strange, meaningless number sequences inserted in the email address. In this case, the no. '323' in the middle of the email address. Thirdly, if you simply type in the URL, you'll instantly see that the site doesn't exist. Fourthly, as TM points out, you can role over the link it asks you to click with your mouse and see in your status bar where it is going to (and for good measure visit that URL too -- only the domain part, not the entire link, which executes a script or something -- and see where it goes.) Lastly and most simply, avoid strolling in back- and blind-alleys like this through cyberspace in response to emails from people you don't know.

Anonymous said...
when u put the email and password it gose directly to his email address i have seen the script and that the only way of hacking people how r not aware of the things

Vaqas said...

girls hurt :-D

H.A. said...

Actually it wasn't that I didn't know about phishy scams. I've read up on how it all works. I just associated them with citibank emails or those which ask you for credit card numbers. Anyway this post was supposed to be a warning for all the naive people like myself...and for the record, no harm is done to my hotmail yet cuz I changed the password immediately:)

Anonymous said...

well msn offer such service that if u know the old password u can change the password again only if u know any old password think again haf

Anonymous said...

Believe in the Copyrights sites before entering your Account information... Like birthdayalarm and Hi5 are the sites,i came aross, that asks for your email adress and password, to import your list from MSN MESSENGER..
Once my password was hacked like this.. It was my teacher who did it, because i dared him to do so.. This is the most easiet and tricky way to Hack one's ID...

Augie said...

They're called Scam pages and they're a very popular way of getting credit card information and passwords for emails, ebay accounts and paypals to name a few. Usually the hackers copy the entire html page along and host them on another hosting space with a convincing domain such as or something. All they do is change the formmail properties which sends them the information. There isnt a fool proof way of detecting such pages, I've seen some paypal and ebay scam pages myself and one cant tell the difference.

AdnaN said...

I guess the matter was already discussed once in Spider Issue... Infact being careful all the time is the only measure u can do when u r on internet... always check where the link is directed towards... further you may check out the header of ur mail and report the spammer or attacker to Cyber Crime Wing . We all should now realize the culprit should always be behind the bars. Bearing them at the beginning would prevent penetrating them to our roots.

cc Infopage said...


Hotmail News by - Oct. 17, 2005

Microsoft to Test New Hotmail Interface (AnandTech)
For those of you that use Hotmail, Microsoft is testing a new user interface for the popular web-based email client: Microsoft is preparing to publicly test its new front end Hotmail, code-named "Kahuna" and simply branded: Mail Beta. The upgrade will support an AJAX-based interface that has been rewritten from the ground up using...

AOL Offers $299 PC (Connected Home Media)
Everyone's favorite dominant ISP introduced an intriguing offer this week: Agree to use AOL for a year, and you can purchase a low-end PC from the company for just $299. Although the deal seems like a bid to stem the flow of subscribers eager to get out from under the multicolored, dumbed-down AOL interface, the offer actually appears to be decent, assuming you're not into playing the latest 3-D games. Of course, you can get a decent Dell system for not much more than the cost of the AOL PC plus the service (about $585 when you add it all up).

Preview of New MSN Hotmail (Slashdot)
An anonymous reader writes "Here is a Preview of a new MSN Hotmail system, using AJAX. Currently in Beta testing." Most interesting is how the user interface more closely resembles a traditional local application. It's definitely a big step in that direction.

Free Anonymous Proxies by

Have a nice day,

Delivered by 30,000 daily updated Information Pages about all kind of subjects

Anonymous said...

"I just came across your blog about auction buying online siteand wanted to drop you a note telling you how impressed I was with the information you have posted here. I also have a web site & blog about **keyword** auction buying online site so I know I'm talking about when I say your site is top-notch! Keep up the great work, you are providing a great resource on the Internet here!

De Post Man said...

Nice posts. Check out my site if you get a chance. adjustable mortgage rate