It’s called Phishing – I got this one in my MSN.com email account this morning. In a seminar recently a developer asked me for an example of how Phishing works and I thought this was a good typical example – so I’d blog it.
NOTICE: Never Click on a Link in an Email unless you’re REALLY Sure !
In my morning in-box I received this email, sent to my MSN.com address, that appears to be an official-looking request from MSN Accounting.
But, when I hover over the link the email wants me to click on I see a problem !!!
The link is to www.msn-club.com and NOT www.MSN.com
Also, notice the cid= argument ? This argument identifies me to the Phishing Host – so I DON’T click on the link.
I don’t want the Phisher to know they even found me.
Instead, I open a new browser instance and enter www.msn-club.com into the Address Bar.
A trick happens here that fools lots of web surfers. A new window opens the box above.
The ORIGINAL browser window re-directs to the REAL MSN.com
If you Right-Click in the Dialog Box that asks for the MSN Username and Password, and view Properties…
LOOK ! You’re about to send your Username and Password to a Hacker’s Site !!
If we look at the WHOIS record for msn-club.com we see that it does NOT belong to Microsoft Corporation.
In fact, it was registered only FIVE DAYS ago.
NOTE: The name and contact info for the registrant have been modified and the attack has been reported to MSN. It is very possible that the name and contact info in the record are NOT actual and were used by the REAL registrant to mask their identity.
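The hover check described above (the link's host versus the real MSN.com, plus the cid= argument) can be run over an email's HTML before anyone opens it. This is an added example, not code from the original post. The function names, the `id_params` list, and the sample markup are assumptions; only the host `www.msn-club.com` and the `cid` parameter name come from the email.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

class _Anchors(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def belongs_to(host, domain):  # the domain itself or a true subdomain only
    return host == domain or host.endswith("." + domain)

def audit_links(html, trusted="msn.com", id_params=("cid",)):
    """Return [(host, [reasons])] for web links that fail the hover check."""
    parser = _Anchors()
    parser.feed(html)
    brand, findings = trusted.split(".")[0], []
    for href, text in parser.links:
        url = urlsplit(href)
        if url.scheme not in ("http", "https"):
            continue  # mailto:, relative links etc. are out of scope here
        host = url.hostname or ""  # urlsplit already lower-cases the host
        reasons = []
        if not belongs_to(host, trusted):
            reasons.append("host is not under " + trusted)
            if brand in host:  # crude substring test (assumption)
                reasons.append("brand name embedded in another domain")
            if trusted in text.lower():
                reasons.append("visible text shows the trusted domain")
        tracked = [p for p in parse_qs(url.query) if p.lower() in id_params]
        if tracked:
            reasons.append("recipient identifier in query: " + ",".join(tracked))
        if reasons:
            findings.append((host, reasons))
    return findings

# Constructed sample: host and cid= name as in the email above; path, value and text are made up.
SAMPLE = ('<a href="http://www.msn-club.com/verify?cid=EXAMPLE123">www.MSN.com billing update</a>'
          '<a href="https://www.msn.com/">MSN home</a>')
if __name__ == "__main__":
    print(audit_links(SAMPLE))
```

Because it parses the message rather than fetching the link, the check never sends the recipient identifier to the phishing host.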