Geocities – A playground for phishing

08Nov06

For the past few days, Geocities has proved to be the most suitable playground for script kiddies and phishers. With many social-engineering Geocities websites popping up here and there and luring people into parting with their user IDs and passwords, it has not been a good ride for Geocities.

Geocities is doing its best to pull down such attempts, but so far it has all been futile. This was clearly visible when not one but three different Geocities websites sported the Yahoo login page. The websites became an instant hit with college-going students, as the technologically challenged students (average internet users) thought this was an amazing prank to play on their fellow students. Little do they know the dangers involved in this.

One of my not-so-good friends apparently thought it was funny to send me to those fake Yahoo login pages. But one look at the URL told me what I needed to know. I hadn’t been to Geocities for ages, and so it was a nice touch to say “To look into the page please login with you yahoo id”. I put in a dummy password and user ID and BAM! It worked.

Geocities must have got these reports too, because within a few days these sites were blocked. But now the phishers knew the potential of Geocities. Today Rajiv spotted a Geocities account which looked exactly like the online home page of UTI Bank. All these guys seem to be getting a similar mail claiming that UTI is shifting base and that, once it is relocated to its new home, users are required to log in to confirm their accounts.

Rajiv knew at once this was an attempt at phishing, one of the reasons being that he didn’t have an account with UTI Bank. Secondly, though the link in the email read something like utibank.co.in, when clicked, the address read geocities.in/bla bla.

But that is just the beginning. Once these phishers learn more about hacking, they will obfuscate the URLs so that no one recognizes them.

A piece of advice to all you n00bs out there: get Firefox 2.0, which has an efficient built-in phishing detector that might help you with some of these sites. (It did not, however, warn me about the UTI Bank deal.)


Note: No links were provided to the phishing sites, because the author didn’t want to popularize them and drive more innocent traffic towards them. If you really want to follow up on the sites, check Rajiv’s blog.



One Response to “Geocities – A playground for phishing”

  1. very thx

