The Menace of Phishing: Protect yourself from it
It has become frequent these days , some fraudulent users Posting Phishing Links in guise of Rapidshare download Links. It is necessary that Rapidshare Premium Users are aware of this issue and Never compromise their login details at any cost.
This article is an attempt in that direction.
What is Rapidshare Phishing?
Rapidshare Phishing, for those of you who don't know, is fake Rapidshare web site. It is designed to look exactly like Rapidshare. It is made to steal your Login details ( username and password), rapidpoints or to steal your credit card (or any payment method) if you decide to sign up for a premium account.
Example:
| “ | Fake Rapidshare sites used for Phishing / to steal Your username and password. dn.vc lix.in 110mb.com 12gb.com Tinyurl Etc etc. The list in never complete, as several new phishing website are created everyday. | ” |
Rapidshare Phishing links are usually hidden in protection links like lix.in .Example of Phishing Link:
http://lix.in/example
If the you click links like above, it will take you a rapidshare like website. Remember, these fake rapidshare websites are meant to steal you RS Premium login details. If the victim selects free user, the phisher just passes them along to the real RapidShare site or the download displays a message like below
But if they select premium download, then the phishing site records their login before passing them to the download. Thus, the phisher has lifted the premium account information from the victim.
What happens to such stolen rapidshare accounts?
Phished RapidShare accounts are usually sold for cheaper prices in comparison to RapidShare's prices for a premium account. Or the phisher uses it for his own purposes. Your account may also be used for child porn storage and other illegal files. But most importantly, your private files can be misused
How to identify Phishing sites?
Fortunately, identifying such sites is not rocket- science. Please remember that the fake sites looks exactly the same as the original rapidshare . Even then however , Phishing sites can be easily identified in the following two ways:
I. First Observation:
1. The fake website mentions SSL-encrypted Login, but the URL in the address bar only uses HTTP and not HTTPS.
Vs.
2. Notice the Slash in the url
3. If you are already logged in the RS premium account* but still the download asks you for username and password. It is for sure a fake phishing link.
II. Using your Browser:
If the RS site is original
1. For Firefox users, at the original RS site, the whole address bar turns yellow and a small lock appears in the right of it, and in the right bottom of the window..
2. For Opera users, in the address bar appears a yellow space wich contains a small lock and then the name of the certificate: "RapidShare AG (CH)"
3. For Internet Explorer users, in the right bottom of the there's a small yellow lock which shows us that a certificate is present.
Also in firefox, if you doubt the page is fake, right-click on the alias page and select "This Frame" > "Show only this frame." This reveals the real page, and you can see the URL would not be rapidshare.com. No wonder they call, firefox the most secure browser in the world!
For any other browsers, search for a small lock either in the address bar, either at the bottom of the window.
However, if you fall victim to phishing, try change your login details immediately as soon possible. Dont make it too late.
Precautions you can take
1. Always log in to rapidshare via the following pages only,
https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi
Or
https://ssl.rapidshare.com/premiumzone.html
2. If you are on your personal computer, try to stay logged in all time. Save your rapidshare cookie indefinitely or never clear your browser cache off Rapidshare cookie. This way you will be always logged in your rapidshare account. If by some reason a Rapidshare link download asks for your Login details again, it is a fake link. No link should ask you to log in again, if you have already logged in once.
3. Have "direct downloads" enabled in your account options. To do this go 'premium zone' > Click 'Settings' > Configuration>enable 'direct downloads'. This way you wont be redirected to a rapidshare webpage but the file to be downloaded will be automatically added to your download queue. If by some reason you reach a redirected login page , the link you wanted to download from is a fake/phishing link
4. Activate your RapidShare-Security Lock of your rapidshare premium account:
Once you activate you RS security Lock, RS sends you a unique unlock number to your email, which you keep safely at all time. In dire case, even if your login details are compromised , the phisher, cannot change you login details, delete files or convert you rapidpoints unless he has access to that unlock code. Which only you posses. Even if the phisher requests a new unlock code in desperation, the new unlock code would be send to your email only. By then you would have already known,, that your account is stolen ,and its time to change your login details
>>>Remember rapidshare never sends out any email to their users asking for their login details. If you receive any such email, contact Rapidhsare for clarification.
You can also, monitor your account by checking view log at your premium Zone
Stay Safe & Secure, Always :)
No need to use filthy language :-) Just write to me or torai about fishing links and such user(s) will be terminated as fast as possible :-)
Hopefully now this prick will be driven off.
Thanks for posting.
News adress is http://avaxhome.ws/ebooks/cultures_languages/Lois26Studies.html
Please, remove him!
P.S. His links for other news are also fake.
Good effort to make people aware of these dangers, dawnz.
http://www.avaxhome.ws/software/software_type/os_lowlevel/Windows_Genuine_Advantage_Validation_1_9_9_1.html
http://avaxhome.ws/ebooks/theology_occultism/Geography9.html
http://avaxhome.ws/ebooks/others/3575278368.html
Can't the scripts that allow users to Post Comments be tweaked to check the contents of the comments, and block comments (and delete accounts!) that contain known invalid links, like "rapidshare-com-files-untitled-rar.tk"? That would automate the moderators task of manually deleting such posts.
*http://www.avaxhome.ws/ebooks/others/3575278368.html
http://www.avaxhome.ws/ebooks/science_books/philosophy/gtd6y5de434tgdrgsegtest.html
There is Easy Share, Deposit File, Uploading, UploadBox and etc that is so much better than Rapidshare. Stop using that Rapid Crap and the Phishing stops.
@ Dawnz
Very fine article! TNX Dawnz!
Personally I am ashamed that it again needs to be written.
On a MODERATED site like AvaxHome there should be no phishing links at all. If our mods would do the work they are paid for a bit more serious, there should be no need to write such words. :-(
@ Pasha [EDITED shorter version]
> Just write to me or torai about fishing links and such user(s) will be terminated as fast as possible :-)
Yeah, very funny. Same nonsense again as last year.
May I kindly REMIND you that we already have rules that AH mods should LOOK at a published link during moderation? That they should REFUSE publications with encrypted / redirected / hidden links - if the publisher is not known (like new registered members) to the mods?
These rules had been even announced in full public during the last major phishing attack last year.
Asking our members to do your work is not only a bad joke. As most of our users are NOT ABLE to detect phishing and most of our users simply TRUST that AH will not publish such shit it makes no sense to first let them be attacked by phishing and after the mess asking them even to write mails.
BTW, all the many not registered users cannot write mail to you ...
@ ALL
Phishing is in no way limited to stealing RS Accounts. Depending on the security level you have set up on your computer it can also be used for much worse things as described here.
I highly recommend that whenever you move your mouse-pointer over a link, FIRST look at the status bar of your browser to see which address you will call if you click on that link.
For links inside publications our moderators SHOULD take care that they lead to well known sites. But I am ashamed to have the need to say: Better look yourself. :-(
For links inside comments there is no way for us to control. Every second many comments can be added or changed on any of the over 350.000 publications at AvaxHome. On same day we had the moderator rules against phishing we fully disabled the URL tag for comments in our software. Instead of a link - which might lead you somewhere very different as what the text of the link tells you - you direct see the real address as text. So please do NOT copy and paste that address if it is not leading to a well known site you trust.
In case of bad links inside comments please take the time to send a short mail to torai or -=Pasha13=- so it can be handled. Please include inside your mail:
1. The URL of the AvaxHome page you report
2. The date- / timestamp and the name of the creator of the comment you report.
TNX!