A warning about RS/MU/HF password phishing

[Rollyco]

To owners of Megaupload, Rapidshare, Hotfile, etc accounts:

There have been several recent cases on Akiba-Online of people posting links to specially crafted websites that are designed to steal your RS/MU/HF/etc passwords (i.e. "phishing".) Here's how they work:

1) A password stealer (phisher) makes a new post in the forums with a camouflaged URL. For example, the second link in this list is a phishing link (roll your mouse over it to see the real destination):

http://www.megaupload.com/?d=EI762N6E
http://www.megaupload.com/?d=YDKDTO6S
http://www.megaupload.com/?d=T31AXZB2
http://www.megaupload.com/?d=QT6CUYD0
http://www.megaupload.com/?d=OB19ANS1

2) If you click on the second link, it will not take you to megaupload.com, but to the phisher's own site. It looks exactly like a normal megaupload page. If you attempt to login to megaupload from that fake page, the phisher will capture your username and password.


We need your help in detecting these scumbags, so if you ever come across a suspicious post, just click on the

Report Post button.

 

[CL™©®]

How do we know the difference from the real MU site & a phishing site?
I had an Email account hacked by phishing & the login looked exactly the same as the home page.

 

[Rollyco]

Simple: roll your mouse over my 2nd URL and you can see the destination is not [noparse]http://www.megaupload.com/?d=YDKDTO6S[/noparse] but [noparse]http://example.com/phish_me[/noparse]

P.S.: your signature pic is extremely distracting and huge...

 

[wyvern2]

ok I will be careful


Hmm..in my firefox I use greasemonkey and then install rapidshare/Mu/Hf checker link..

So it's easy for me to look the phising site

Cheer's

 

[fr0stbyte]

Simple: roll your mouse over my 2nd URL and you can see the destination is not [noparse]http://www.megaupload.com/?d=YDKDTO6S[/noparse] but [noparse]http://example.com/phish_me[/noparse]

P.S.: your signature pic is extremely distracting and huge...

Distracting and cute.

This phishing scam will only work for those who click links one by one.. For those who copy paste links into JDownloader and your typical download manager, it won't. I'll report links if and when I see them.

:notice:

 

[redrooster]

since the last firefox update you cannot see properties (real link) by right mouse click anymore as the item in the mouse menu has been removed. Any clue how to see it nevertheless?

 

[Rollyco]

Roll over the link with the mouse and look at the status bar at the bottom of the browser window.

 

[fr0stbyte]

Roll over the link with the mouse and look at the status bar at the bottom of the browser window.

Must have status bar enabled.. I remember mine disabled when I first installed FF on my current laptop.

 

[aviant_greek]

from what i read from here

rapidfind.org

it simple to prevent someone to phished your account,
always keep log on to any file hosting (megaupload, rapidshare or else)
and the real link will after you click always get you straight to the download page / download button, without asking u'r user id n password since you already log on

IF you are asked for your user id n pass eventhough you already had chose keep log on, you can say something is not normal, and it would be better to avoid to download the file

other way, you can use IDM (internet download manager), put your user id and pass in IDM, so every time you click a link, the IDM will get straight to download option.
After that, always copy paste the link you want to download to a notepad and save it.
Use Task --> Import --> From text file --> open your notepad file with the link you want to download

hope this help

 

[qwerty07]

I think you should always be logged on to your account, so if the website prompts you to sign in, you know something's up. That's what I do.

Thanks for the warning, though.

 

[porkar]

Thanks Rollyco, your post #7 showed me the answer.

 

[Syobon]

http://torrentfreak.com/rapidshare-terminates-accounts-of-illegal-downloaders-100323/

one more reason to avoid rapidgarbage.

 

[covax]

:fever:

thank you, I have been lost my RF once but it's only one and a half month left .

 

[xater]

http://torrentfreak.com/rapidshare-terminates-accounts-of-illegal-downloaders-100323/

one more reason to avoid rapidgarbage.

That was fake.

 

[hypemx7]

Indeed.

As mentioned, this douchebaggery can be circumvented with ease by using a download manager that verifies the links.

 

[Syobon]

That was fake.

they removed the fake email, the remain is truth, unfortunately.

 

[Kinne]

Therefore I use free www.jdownloader.org for getting all links. Everything that you copy "ctrl + c" will automatically checked and put into a download list.

 

[Kiaracondong]

I use addon from mozilla

https://addons.mozilla.org/en-US/firefox/addon/722

works well from hijack

 

[anticlient]

why don't moderator urge member to put the link inside code tag? hence the link won't be an active/click able link

 

[dannythedevil]

Some sugesstions

1. Make a Rule or Urge Posters that they MUST code their Links.
2. If the links arent coded and you want to donwload the file then highlight the link.
3. Make sure that the coded link is http://www.megaupload or www.rapidshare in the beginning ( sometimes some digits come when you download from rapidshare )

mostly if the links arent coded, the chance is higher that a link is hidden behind it, and as mentioned earlier that it leads to another site where your account gets phished.