Comments on: Got Phished :( http://www.0xcafefeed.com/2006/09/got-phished/ Thoughts on Java™, Java EE™ and web application development Fri, 30 Apr 2010 07:48:43 +0000 hourly 1 http://wordpress.org/?v=3.0 By: izulthea http://www.0xcafefeed.com/2006/09/got-phished/comment-page-1/#comment-225 izulthea Mon, 30 Mar 2009 01:23:04 +0000 http://www.0xCAFEFEED.com/?p=13#comment-225 Hahahaaa...funny but dangerous! BE CAREFUL Bro!! Hahahaaa…funny but dangerous! BE CAREFUL Bro!!

]]> By: MARC http://www.0xcafefeed.com/2006/09/got-phished/comment-page-1/#comment-65 MARC Mon, 13 Aug 2007 20:10:00 +0000 http://www.0xCAFEFEED.com/?p=13#comment-65 its a fucking looser, me i have see that, this fucking looser, i have really spammed this fake website phishing, sorry for my bad english, im french its for that its a fucking looser, me i have see that, this fucking looser, i have really spammed this fake website phishing, sorry for my bad english, im french its for that

]]> By: Asgeir S. Nilsen http://www.0xcafefeed.com/2006/09/got-phished/comment-page-1/#comment-51 Asgeir S. Nilsen Wed, 09 May 2007 19:24:00 +0000 http://www.0xCAFEFEED.com/?p=13#comment-51 I would recommend that you start to use a password generating bookmarklet for your web passwords. A good implementation is at <a HREF="http://labs.zarate.org/passwd/" REL="nofollow" rel="nofollow">http://labs.zarate.org/passwd/</a>. What this does is simply to generate (via javascript running from a toolbar bookmark button) a password based on a master password you're prompted for, and <i>the site's host name</i>.<br/><br/>This scheme ensures different passwords for different sites, and renders it impossible for a phising site to get a correct password (since it's host name would differ).<br/><br/>If you develop web applications accepting passwords, I would recommend you to read my blog post <a HREF="http://blog.asgeirnilsen.com/2005/11/password-authentication-without.html" REL="nofollow" rel="nofollow">Password authentication without revealing your password</a>, which describes a scheme for hashing the password in the browser before its submitted to the server. I would recommend that you start to use a password generating bookmarklet for your web passwords. A good implementation is at http://labs.zarate.org/passwd/. What this does is simply to generate (via javascript running from a toolbar bookmark button) a password based on a master password you’re prompted for, and the site’s host name.

This scheme ensures different passwords for different sites, and renders it impossible for a phising site to get a correct password (since it’s host name would differ).

If you develop web applications accepting passwords, I would recommend you to read my blog post Password authentication without revealing your password, which describes a scheme for hashing the password in the browser before its submitted to the server.

]]> By: Anonymous http://www.0xcafefeed.com/2006/09/got-phished/comment-page-1/#comment-50 Anonymous Thu, 15 Feb 2007 01:14:00 +0000 http://www.0xCAFEFEED.com/?p=13#comment-50 I feel what you are saying about being ("PHISHED.") I was phished today. Now I have to make another myspace page. I hate the fact of that. I only looked up phish in GOOGLE to see how to prevent getting phished. How do you get phished? That still diddn't answer my question.<br/><br/> comment left on Febuary 14, 2007 at 8:10p.m. HAPPY VALENTINE'S DAY I feel what you are saying about being (“PHISHED.”) I was phished today. Now I have to make another myspace page. I hate the fact of that. I only looked up phish in GOOGLE to see how to prevent getting phished. How do you get phished? That still diddn’t answer my question.

comment left on Febuary 14, 2007 at 8:10p.m. HAPPY VALENTINE’S DAY

]]> By: Anonymous http://www.0xcafefeed.com/2006/09/got-phished/comment-page-1/#comment-49 Anonymous Sun, 21 Jan 2007 10:09:00 +0000 http://www.0xCAFEFEED.com/?p=13#comment-49 Hi there, <br/><br/>Here is the message that I sent to my group memmber using my mothers yahoo ID.<br/><br/>Dee No Longer Controls This Group !! ( I was phished by "mysuperheroine") <br/><br/><br/>I worked very hard on this group, and it was a success; However all<br/>is not lost, you could join me in rebuilding an even better bbw101 !!<br/>http://www.groups.yahoo.com/group/bbw101_<br/><br/>This group( http://www.groups.yahoo.com/group/bbw101)has no control<br/>since my password was stolen. Memberships had to be approved by me,<br/>therefore this group will never reach it's potential. Thankfully, my<br/>mother joined this group, I'm using her ID to tell you about the<br/>intrusion. If mysuperheroine/rakhinrahbin, or who ever she may be by<br/>now, finds out... she may ban me from my own group. This person<br/>chats like your average good girlfriend in order to gain trust,and<br/>then she strikes! You'll never know what hit ya! She often speaks of<br/>a stalker bf that she is terrified of, and how this guy can even see<br/>her IM's (raise an eyebrow?). The next thing I knew, she sent me a<br/>link to see her "new pictures," and there was the infamous spoofed<br/>yahoo login page! I didn't pay attention, and signed in..... sending<br/>this cyber criminal my password to all of my personal yahoo<br/>everything! I was hurt, but I would like to move on with my members.<br/>Please read on to learn more about "phishing," and how to protect<br/>yourself.<br/><br/><br/>This lady... or man for that matter was attracted to me, and wanted to introduce me to her brother. "She" even sent me a picture of the brother, which I now believe is her/him. Sounds confusing huh? Hi there,

Here is the message that I sent to my group memmber using my mothers yahoo ID.

Dee No Longer Controls This Group !! ( I was phished by “mysuperheroine”)

I worked very hard on this group, and it was a success; However all
is not lost, you could join me in rebuilding an even better bbw101 !!
http://www.groups.yahoo.com/group/bbw101_

This group( http://www.groups.yahoo.com/group/bbw101)has no control
since my password was stolen. Memberships had to be approved by me,
therefore this group will never reach it’s potential. Thankfully, my
mother joined this group, I’m using her ID to tell you about the
intrusion. If mysuperheroine/rakhinrahbin, or who ever she may be by
now, finds out… she may ban me from my own group. This person
chats like your average good girlfriend in order to gain trust,and
then she strikes! You’ll never know what hit ya! She often speaks of
a stalker bf that she is terrified of, and how this guy can even see
her IM’s (raise an eyebrow?). The next thing I knew, she sent me a
link to see her “new pictures,” and there was the infamous spoofed
yahoo login page! I didn’t pay attention, and signed in….. sending
this cyber criminal my password to all of my personal yahoo
everything! I was hurt, but I would like to move on with my members.
Please read on to learn more about “phishing,” and how to protect
yourself.

This lady… or man for that matter was attracted to me, and wanted to introduce me to her brother. “She” even sent me a picture of the brother, which I now believe is her/him. Sounds confusing huh?

]]> By: Anonymous http://www.0xcafefeed.com/2006/09/got-phished/comment-page-1/#comment-46 Anonymous Fri, 27 Oct 2006 01:25:00 +0000 http://www.0xCAFEFEED.com/?p=13#comment-46 It's all very real for sure... I found your comments quite relevant as I received a message from a friend with a link which I clicked same deal geocities page with Yahoo content, Duh... I entered my Yahoo info and lots of script errors and eventually a 404 not found came up. The hair on the back of my neck stood up and I immediately closed my browser emptied the temp files and then went and changed my Yahoo PW. I asked my friend if she sent me the link and her reply didn't make sense and I rcvd another offline message today with the same link, needless to say I sent her the info back, looked at the html code on the link for what didn't look right (I don't know HTML but am computer savvy) and sure enough I found "www2.fiberbit.net" suspiciously located and decided to do a search where I found your comments... Thanks for sharing, as I was beginning to think I was being overly paranoid! etherialoneinnc It’s all very real for sure… I found your comments quite relevant as I received a message from a friend with a link which I clicked same deal geocities page with Yahoo content, Duh… I entered my Yahoo info and lots of script errors and eventually a 404 not found came up. The hair on the back of my neck stood up and I immediately closed my browser emptied the temp files and then went and changed my Yahoo PW. I asked my friend if she sent me the link and her reply didn’t make sense and I rcvd another offline message today with the same link, needless to say I sent her the info back, looked at the html code on the link for what didn’t look right (I don’t know HTML but am computer savvy) and sure enough I found “www2.fiberbit.net” suspiciously located and decided to do a search where I found your comments… Thanks for sharing, as I was beginning to think I was being overly paranoid! etherialoneinnc

]]> By: Rupesh Kumar http://www.0xcafefeed.com/2006/09/got-phished/comment-page-1/#comment-44 Rupesh Kumar Wed, 20 Sep 2006 07:10:00 +0000 http://www.0xCAFEFEED.com/?p=13#comment-44 wow ! interesting.. still i can't believe YOU got fished :D wow ! interesting.. still i can’t believe YOU got fished :D

]]> By: Sachin http://www.0xcafefeed.com/2006/09/got-phished/comment-page-1/#comment-43 Sachin Fri, 15 Sep 2006 05:01:00 +0000 http://www.0xCAFEFEED.com/?p=13#comment-43 Very Interesting...<br/><br/>And welcome back! Very Interesting…

And welcome back!

]]>