
Phishing link for Binance.com


Kargai


Posted

I share this phishing because it's VERY well done and can be a difficult one to catch.

We usually know that we have to look at the URL to be sure we are not on a scammy website, and to look if there is SSL and a secure badge (the lock). For example, for binance.com it could be something like blnance.com (the L instead of the i), etc.

But look at this one :

[Image: 2018-02-22_17h05_11.png]

That's the same design as Binance, the https is OK, the secure badge is there... but it's still a fake website. Did you catch it?

Right under the "n" letter you can see some points, which is a Latin character.

The website now seems to be flagged by Google, but it probably ran for some time before that.

Be aware of it: always bookmark the real website and log in there from the bookmark (and check the link first, just in case your browser is hacked and the bookmark has been changed without you knowing it).

Posted

No way... It's really done very well...

Also, one more tip: I always and everywhere enter my 2FA code only when a few seconds of it are left. Even if someone tries to phish it, he won't have enough time to use the code, because it will change after a few seconds.

Posted

How did you bump into this site? I manually type every site I'm going to, just to make sure I'm on the right site.

Well, I use Binance, and the good thing about them is that they have 2FA mobile, where you receive a 2F authentication message when you set it up, which is handy.

nice news :)

be careful guys

Posted

2FA is a nice additional layer of security, but that doesn't mean it's not usable for scammers ;) They can get your 2FA code when you fill it in on the fake website, then a bot can quickly log into the real site.

But mostly it's made for those who don't use 2FA, you are right ;)

 

Posted
8 hours ago, Kargai said:

I share this phishing because it's VERY well done and can be a difficult one to catch.

We usually know that we have to look at the URL to be sure we are not on a scammy website, and to look if there is SSL and a secure badge (the lock). For example, for binance.com it could be something like blnance.com (the L instead of the i), etc.

But look at this one :

[Image: 2018-02-22_17h05_11.png]

That's the same design as Binance, the https is OK, the secure badge is there... but it's still a fake website. Did you catch it?

Right under the "n" letter you can see some points, which is a Latin character.

The website now seems to be flagged by Google, but it probably ran for some time before that.

Be aware of it: always bookmark the real website and log in there from the bookmark (and check the link first, just in case your browser is hacked and the bookmark has been changed without you knowing it).

You are a very awesome detective. If you ask me whether I noticed that, I will honestly say that I did not. I thought it was just dust on my monitor. :)

But thanks @Kargai. You always keep us away from fakes and scams.

Posted

Wow, thanks for sharing this! I didn't even notice it until I read what you had to say. It's crazy how sneaky phishing sites are getting! I am so impressed but also so scared. This is definitely something we should be more careful of and build more awareness about. With the internet moving as fast as it is, it's so easy for something like this to get out of control.

Posted
On 23/02/2018 at 1:20 AM, Han2x said:

You are a very awesome detective. If you ask me whether I noticed that, I will honestly say that I did not. I thought it was just dust on my monitor. :)

But thanks @Kargai. You always keep us away from fakes and scams.

 

On 23/02/2018 at 4:11 AM, nhoyasim101 said:

The FBI needs you @Kargai :) Awesome advice, thank you very much. My only concern with 2FA is: what if we reformat/reprogram our device, what will happen then? I guess it will be a long process :).

 

19 hours ago, testB said:

Where have you been finding these? Through adverts, or some spam mail, etc?

 

In one private group I'm in ;)

Posted

I read about this phishing technique last year. Apparently it has existed since 2001 and is called a homograph attack, and the only thing that can be used to detect the website is the SSL certificate (which no one checks). This attack will exist until the browser vendors find a way to counter it. It happens because the browser shows the Cyrillic and the Latin words as the same in the URL box, but they are actually different. This attack is too easy to do: you just need to combine Cyrillic alphabets such that they show as a normal URL in the browser, and register the URL. You can easily check the SSL certificate for the common name parameter; it would reveal the real URL you are browsing.
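
The lookalike check discussed in this thread, as an added example that is not part of any post: it converts a hostname to the ASCII (`xn--`) form that appears in a certificate's name field, lists every non-ASCII character, and reports when the name visually collapses to a trusted one. The `TRUSTED` allowlist, the sample hostnames and the short Cyrillic lookalike map are constructed assumptions; the full Unicode confusables table is much larger.

```python
import unicodedata

TRUSTED = {"binance.com"}  # assumption: your own allowlist of genuine hosts

# Small constructed subset of Cyrillic letters that render like Latin ones
# (a, c, e, i, o, p, x); not the complete Unicode confusables table.
CYRILLIC_LOOKALIKES = str.maketrans(
    "\u0430\u0441\u0435\u0456\u043e\u0440\u0445", "aceiopx")

def skeleton(host):
    """Reduce a host to the plain-ASCII name it visually resembles."""
    decomposed = unicodedata.normalize("NFKD", host)  # n-with-dot -> n + mark
    stripped = "".join(c for c in decomposed if not unicodedata.combining(c))
    return stripped.translate(CYRILLIC_LOOKALIKES)

def inspect_host(host):
    host = host.strip().lower().rstrip(".")
    if host.isascii():
        # Expand any xn-- labels, e.g. a name copied from a certificate.
        host = host.encode("ascii").decode("idna")
    non_ascii = [(f"U+{ord(c):04X}", unicodedata.name(c, "UNKNOWN"))
                 for c in host if not c.isascii()]
    if host in TRUSTED:
        verdict = "ok"
    elif skeleton(host) in TRUSTED:
        verdict = "lookalike"   # renders like a trusted name but is not it
    else:
        verdict = "unknown"
    return {
        "ascii_form": host.encode("idna").decode("ascii"),
        "non_ascii": non_ascii,
        "verdict": verdict,
    }

if __name__ == "__main__":
    # Constructed samples: genuine name, Latin n with dot below, Cyrillic a.
    for sample in ("binance.com", "bina\u1e47ce.com", "bin\u0430nce.com"):
        print(inspect_host(sample))
```

Plain ASCII swaps such as blnance.com are outside what this check covers and come back as `unknown`, so an exact allowlist match remains the only "ok".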

Archived

This topic is now archived and is closed to further replies.
