On Sat, 19 Mar 2005 07:42:40 -0500, Roy Smith wrote:

In article ,
"Steve Foley" wrote:

What they've been doing recently is opening the real site with the address
bar showing, and opening a login popup, showing no address bar. More often
than not, the popup doesn't work. They're getting shut down pretty quickly,
but I'm sure some people are going for it. I usually type in a few
obscenities after I send the report to the correct party.

They are also getting increasingly sophisticated. I used to be able to
tell immediately from the shoddy graphics that it wasn't the real thing.
Not long ago, I got one phishing for my Citibank info that I couldn't tell
apart from the real thing.

It also used to be that you could be careful and look in the status bar (or
wherever your particular browser shows you a preview of a link the mouse is
hovering over) to make sure it was real. The text on the screen would say
"www.citibank.com", but the URL preview would say "123.456.78.90" and you'd
know it was a fake. Now they're building URLs in the links with non-ascii
characters which display in your browser looking like the real thing, but
resolve to a different IP.

They've even gone farther than that, with redirects.
I've gone to sites that looked and felt real. The URL was real, but
the site actually wasn't.

This is one of the hazards of using HTML e-mail. I use text only.
Clicking on the link can take you to the bogus site while typing in
will not. Usually with plain text you see the actual link, rather
than the bogus one.

But they are getting very sophisticated.

Roger Halstead (K8RI & ARRL life member)
(N833R, S# CD-2 Worlds oldest Debonair)
www.rogerhalstead.com