Tuesday, November 18, 2008

Phishing

This is for those who are still in the dark about phishing. Phishing means a bogus site that masquerades as the real site.

Look at the screenshot below, which shows a site that looks like PayPal.



If it's the real PayPal, then the address bar will usually show http://www.paypal.com and not numbers (which are IP addresses) like the ones in the picture above.

However, that does not mean that you cannot use an IP address to visit the PayPal website, but you need to make sure that the IP address you use correctly points to the real PayPal website.

To do that, go to this site. There, choose LOOKUP and enter the URL, in this case www.paypal.com, in the box.


For www.paypal.com, the results are these:


IP address: 66.211.168.193
Host name: www.paypal.com
66.211.168.193 is from United States(US) in region North America

Therefore, entering either http://66.211.168.193 or http://www.paypal.com in your browser should bring you to the true PayPal website.

Clearly, the IP address 213.242.251.60 in the screenshot above, which differs from the official records, is fake and points to a machine set up to harvest your real account details.

The details of this fake website are as below:


IP address 213.242.251.60
Location RU RU, Russian Federation
City Yekaterinburg, 71 -

Also, reputable sites like PayPal will not have an unsecured login page. A secured login page will start with https://, e.g. https://www.paypal.com. Sometimes even fake sites provide a secured page, so to ensure that you are visiting the right secured page, click on the security tab, usually an icon of a lock at the bottom of your browser, to verify that the certificate assigned to the site is authentic.
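The checks described in this post (a numeric address in the address bar, the lookup result for the real host name, https on the login page) can be written as a short Python routine. This is an added example, not part of the original post; `check_address_bar`, `page_lookup` and `PAGE_RECORDS` are names made up here, and the sample record is the 2008 lookup result quoted above. It does not verify the certificate, which still has to be inspected in the browser.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed sample data: the lookup result quoted in this post (2008).
PAGE_RECORDS = {"www.paypal.com": {"66.211.168.193"}}


def page_lookup(hostname):
    """Offline stand-in for the lookup site, using the record above."""
    return PAGE_RECORDS.get(hostname.lower(), set())


def resolve(hostname):
    """Live DNS lookup: every address the resolver returns for hostname."""
    return {info[4][0] for info in socket.getaddrinfo(hostname, None)}


def check_address_bar(url, expected_host, lookup=resolve):
    """Return a list of warnings for a URL that claims to be expected_host."""
    warnings = []
    parts = urlsplit(url)
    # urlsplit isolates the host, so the path or query cannot fake it.
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        warnings.append("login page is not served over https")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None  # the address bar shows a name, not numbers
    if ip is None:
        if host != expected_host.lower():
            warnings.append(f"host {host!r} is not {expected_host!r}")
    elif str(ip) not in lookup(expected_host):
        # Numbers in the address bar must match the official lookup result.
        warnings.append(f"{ip} is not an address of {expected_host}")
    return warnings


if __name__ == "__main__":
    for url in ("http://213.242.251.60/",      # address from the screenshot
                "http://66.211.168.193/",      # address from the lookup
                "https://www.paypal.com/"):
        print(url, check_address_bar(url, "www.paypal.com", page_lookup))
```

Leaving out the `lookup` argument makes the function query live DNS, so the result then reflects the current records rather than the ones quoted in this post.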

1 comment:

anti spam service said...

I agree, that is a site phishing attempt. It uses social engineering to accomplish the task. We must remain vigilant.