Re: Erm...um...I may have just fallen victim to a Phish
borgholio at storymind.com
Fri Nov 11 22:10:13 EST 2005
> Borgholio wrote:
>> In a nutshell, I wasn't paying attention and clicked on a link and
>> entered my password. I changed it about 2 minutes later when I
>> realized something was wrong, but I need verification that the "phish"
>> actually worked. It seemed that the phishing link sent along with the
>> email was half-assed. In other words, it doesn't seem like it'd
>> work. Here's the link:
>> As for how I could miss the mail.jangup.com part, beats me. As I
>> said, wasn't paying attention. When clicking on the link, it takes
>> you straight to the Ebay page and NOT to a clever forgery. The
>> mail.jangup part is a webmail address but there are no obvious
>> attempts to login and send mail. I'm going to keep my passwords
>> changed, naturally, but can anybody verify that this link will indeed
>> send away a username / password?
> As Glen said, yes, you were snookered. Fortunately, you realized this
> quickly, so it's very unlikely it caused you any damage before you were
> able to change the password.
> As long as it wasn't on this page that you chose to change it ;)
> What I am interested in knowing is how this came about? Would you mind
> posting a tracker? I'd like to see so I can possibly use this as a part
> of my lessons in Practicing Safe Hex.
> Also, as an aside, maybe it would be good for you to install the
> Netcraft toolbar so this doesn't happen again. It does a fairly decent
> job of catching phishes. I've found a few that it hadn't seen yet, but I
> aggressively look for them. It did catch this one, at least at this time.
I've posted the full email + headers in .spam for ya. I can dig up the
tracking link if you need that instead.
More information about the SpamCop-List