rant: i got phished (Pic)

[o1001010]

so i got a email,



being the fact that i got it around 5pm and buy.com is actually a supplier of ours i clicked on the site and not realizing it points to:

http://secure.buy.com.sslze.com/corp/support/login.asp

the way i check sites are by moving mouse cursor over certain links on the destination site and see where they link to, in this case they all link back to buy.com so i put in the password.

wrong password. humm, tried another one of same level still no go, clicked on forgot password link and buy.com loads up recongnizing me. then then oh sh** sign went off in my head. changed the password and all the related sites password (eg newegg) and other sites that use the same password. went off to work.
came back to office 4 hours later, another oh sh** sign went off in my head. not only the legit password needs to be change i also tried my other password because it failed the first time. went over every piece of website i can think off and that i have an account with changed everything.

went to sleep and woke up middle of night, does that forge website drop cookies? and if so does it track what password that i changed to the new buy.com? oh sh** went off in my head again and i changed all the site that used that password for the third time, after clearing all cookies of course. there is no add-on in my firefox.

so i think i am secure now, just really can't get over the fact that i fell for this junk, and i am a certified security officer. i guess i had a moment of idiocy.

MOD EDIT: Picture warning added.

[RealBlackStuff]

"certified" being the operative word here

[dsigma6]

The ad does look completely fake, but who can resist a free laptop?

At least you took the steps to try and fix the potential damage caused by the phishing expedition.

I guess you'll be watching your accounts like a hawk now...

[o1001010]

lol, it took me a while of studying to pass the security+ certification, i guess i had a classic "blond moment".

i guess what is surprising about this is that they usually go for the bank account and credit card account and stuff instead of something minor like buy.com, i guess they get you when you least expects it.

to tell the truth, it wasn't the laptop that caught my eye, i was eager to log on to buy.com to see what other special they had.

it makes absolutely no sense now but then it was a different story. i guess i can use this experience and write a article about it.

you can call me a noob for the rest of the week

ps: i spent some time and took the phishing site apart. it seems the cookie just record whatever you type in the user and pass and after 2 failed attempts which the cookie logs it send these value to the legit buy.com the reason the phishing site looks real is because it is leeched everything from the original buy.com server. they merely change the action where the password submits to.

[Kyocera]

I alwys luuk for typios and incorrectly used of englich

which is there, Buy.com just accept the accounts

suttle but incorrect nonetheless

[t20user]

Would a fingerprint reader have averted this in any way?

[leoblob]

I use different user names and passwords for every account I have. I do this primarily because I'm paranoid, but I also find it helps exercise the memory portion of my brain (which needs all the exercise it can get. )

[o1001010]

I use different user names and passwords for every account I have. I do this primarily because I'm paranoid, but I also find it helps exercise the memory portion of my brain (which needs all the exercise it can get. )

geez, i wish i am as smart as you are. for me, that is more than 100 passwords..... ack

[j-dawg]

Anyone using more than one exclamation point at the end of a sentence is either a middle-schooler, a scammer, or both.

[Stan]

Ar'm seyn nowt, ar onner gerrin mowa greyf fur mar japes than ar an up to nar.

All the best from medieval England.

[SHoTTa35]

well all the IE peoples, report the site as phishing from your browsers. So that when any other user go there it'll pop up immediately as phishing and warn the user about closing or putting private info there.

I submitted once and will do it once more

[BeeJayEmm]

I alwys luuk for typios and incorrectly used of englich...

Unfortunately, this tack will only help those whose command of English is greater than that of the scammer.

[erik]

the dead giveaway is the copyright date; 1988-2008.   anyone who knows their history should know that internet companies like this didn't start popping up until the mid 90's.   buy.com wasn't founded until 1998.

[joester]

Would a fingerprint reader have averted this in any way?

As I understand it, the fingerprint image is tied to a password. Accepted fingerprint image causes the password to be automatically entered without the user touching the keyboard.

Not likely it would help.

Joe

Like I say to my kids..

If it looks to good to be true, it can't be true. Especially on the internet.

[o1001010]

i think finger printer will help in a way such as stored password works in this case, it will pop in the password automatically when visited. and since this is a forged site there will be no password present.

i don't know if anyone knows this or not, but can you use cookies to track what a user type in to fields on websites other than your own page?

edit: what i am really asking here is that for the cookies that the scam site set, is it possible for it to follow me to other sites or even buy.com's own password changing page and pick up the new password that i typed in the password changing field??

from what i learned so far this is impossible, but i am no asp or coding superstar.