[X4U] Safari vulnerability test fails
Xavier Noria
fxn at hashref.com
Thu Dec 9 08:57:28 PST 2004
On Dec 9, 2004, at 5:39 PM, Robert wrote:
> I personally don't trust any thing to do with the name Citibank and
> internet. It seems like every second week i get an email from them
> asking for all kinds of information relating to a bank account that I
> don't have. They, who ever is doing this, is trying to get credit
> card info, pin numbers etc. I think that they are trying to get info
> so that they can steal from me. In fact last week on our local news
> these emails and people getting ripped off. Who ever is doing this
> wether it is citibank or someone else is using citibanks logo to make
> it look real. My opinion I think that they are trying to find out as
> much as they can by scanning your computer so that they can steal from
> you. Bob
Normally those emails pretending to be from Citibank, eBay, PayPal,
etc. have a URL that _seems_ to point to their respective domains, but
that uses some tricks that are not obvious unless you know something
about URLs to actually bring you to somewhere else.
Of course, that "else" is likely not to be a ONG, but a malicious
server that has nothing to do with the actual companies. You are in a
page that resembles one from the original site (that's very easy to
imitate), whith a form whose input goes right into the impostor's
database.
So NEVER trust those mails.
-- fxn
More information about the X4U
mailing list