APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Watch your clicks!

© December 2003 Tony Lawrence

Sat Dec 13 13:03:52 GMT 2003 Watch your clicks!

This warning shouldn't be necessary, but apparently it is.

You get email asking you to update your Ebay or Paypal account, or to download some new Microsoft security patch.


It's a little embarrassing to even say this, because this is so basic that nobody should be fooled by it, but apparently people are.


These people are trying to sucker you. Here's the raw text from a recent "Update your Ebay information" email:

</FONT><BR><FONT face="Times New Roman" size=3>You are requested to visit our 
site by following the link given below </FONT><BR><A 
face="Times New Roman" color=#0000ff 
face="Times New Roman" size=3> </FONT></DIV>

You see a link for https://www.ebay.com, but if you click it, you actually go to https://ssl-encrypted3.netfirms.com. What do you suppose you'd find there? It would look very official: in fact, one of the Microsoft scam sites looks so much like the real thing you could move around in it for quite a while - it's reported to be pretty big. But all of these sites have one purpose: to steal information from you or to put a trojan horse on your system to steal it later: passwords, credit card numbers, etc.

If you get email asking you to update anything, don't click on any links. Use your own fingers to go to Microsoft or Ebay or Paypal.

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> Watch your clicks!


Inexpensive and informative Apple related e-books:

Take Control of Automating Your Mac

Are Your Bits Flipped?

Digital Sharing Crash Course

El Capitan: A Take Control Crash Course

iOS 10: A Take Control Crash Course

More Articles by © Tony Lawrence

Just for amusement (I amuse easily at times) I played this silly game, clicked the link and then proceeded to fill in the blanks with all sorts of bogus information. After having done so, I started monitoring my PC to see what would happen. A program named svchost.exe magically appeared in the task monitor and, lo and behold, a hidden file showed up in the root directory. In that file were my responses to the form.

After waiting a while I noted there was a foreign system futilely trying to retrieve the data file. The foreign system mistakenly thought the file it wanted was on my UNIX server, since that server provides NAT to the PC's in our office. Eventually I deleted the data file and killed svchost.exe. I was tempted to pass over the bogus data file, but figured 'twould be better to just have it never appear, possibly confusing the script kiddie who thought I'd be sufficiently naive to hand over sensitive information to an unknown party.


I have seen the Micosoft one, but not the other ones. The Microsoft one looks very real, and after I warned everyone at work, I heard a few "uh, oh's" from people, who decided to take up the email's advice, and apply the "patch" on their home computers. I basically told everyone that it was like someone calling you on the phone and asking for your credit card info. Don't give out any information, unless you initiated the transaction.

- Bruce Garlock

"I basically told everyone that it was like someone calling you on the phone and asking for your credit card info. Don't give out any information, unless you initiated the transaction."

This is the 21st century equivalent of the 20th century problem wherein trusting folks were allowing supposed representatives from the phone company, gas company, etc., into their homes without demanding to see some credentials.


Maybe even worse. Thse thieves can get enough to steal your identity, which can screw you up for years..



Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

Printer Friendly Version

Computers are useless. They can only give you answers. (Pablo Picasso)

Linux posts

Troubleshooting posts

This post tagged:



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode