Tom's Hardware > Forum > Old Man/Woman's Club > Other > Stick em up!

Stick em up!

Forum Old Man/Woman's Club : Other - Stick em up!

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!

Ask the community Add a reply

Bottom Search this thread

This is a email I got in my hotmail today.

Quote :

Dear KayBank Online Users,

Due to recent serious online frequent activity, we needed to block all our
KayBank Online account to make sure the security of our customers.

In this circumstance, you have to complete an extra security measure. Please
follow the link to the verification process and unblock your account.

http://www.secure-centre.net/key/.ib2/Controller

we are extremely sorry for this convenience.

This is an automated email sent to all our customer. please do not reply. You
will not be answered.

Regards,

Security, KeyBank.

****************************************************

THIS IS THE LINK
IT SHOULD BE TITLED "ARE YOU A DUMB A_ _?

****************************************************

Please enter your User ID. If you have not created an Online Banking and Investing User ID, your Social Security Number (or Tax ID Number, for businesses) is your default User ID. You can create a User ID from the Self Service section within Online Banking and Investing.

User ID: Forgot Your User ID?

Please enter your Online Banking and Investing password, which you entered at the end of the enrollment process. This is also the password that you use today when getting account information or paying bills via 1-800-KEY2YOU®, our telephone inquiry system.

Password: Forgot Your Password?

Important Announcements
Our gift cards are a great alternative to cash, checks, and money orders.

Reminder: Key will never request personal information from customers via email. If you have entered account information from a link in an email claiming to be from Key, call the Online Banking Contact Center immediately at 1-800-KEY1KEY (1-800-539-1539).
Key Values Diversity. KeyBank is an Equal Housing Lender.
By accessing and using this website, you agree to the terms and conditions and important legal notices below.
User Agreement, Linking Disclaimer, Arbitration Provision, and Privacy Policy
Copyright © 1998-2004, KeyCorp. All rights reserved.

Can you believe that some people fall for this crap!

!#&$ :eek: ---There's the facts .... the twisted facts ... the distorted facts,...THEN THERE'S JOURNALISM!

Add a reply

This is phishing right?

<pre>A64 3200+ Winchester, DFI Lan Party NF4 Ultra-D, 1GB Corsair 4400C25PT, WD740GD, WD2000JB, WD1200JB, ATI X800XL, Dell 2405FPW</pre>

Reply to dhlucke

This is more like just plain stupid.

!#&$ :eek: ---There's the facts .... the twisted facts ... the distorted facts,...THEN THERE'S JOURNALISM!

Reply to russell

To us yes, but most people have no clue about computers and technology.

<pre>A64 3200+ Winchester, DFI Lan Party NF4 Ultra-D, 1GB Corsair 4400C25PT, WD740GD, WD2000JB, WD1200JB, ATI X800XL, Dell 2405FPW</pre>

Reply to dhlucke

Here is info on that site....

Registrant:
Sanjeev Punjabi
9 Narrow Brook Court
Plainsboro, NJ 08536
US

Registrar: NAMESDIRECT
Domain Name: SECURE-CENTRE.NET
Created on: 18-SEP-04
Expires on: 18-SEP-05
Last Updated on: 18-SEP-04

Administrative, Technical Contact:
Punjabi, Sanjeev sam@myaxsam.com
9 Narrow Brook Court
Plainsboro, NJ 08536
US
609-716-9815

Domain servers in listed order:
NS1.EVERYDNS.NET
NS2.EVERYDNS.NET
NS3.EVERYDNS.NET
NS4.EVERYDNS.NET

<pre>°¤o,¸¸¸,o¤°`°¤o \\// o¤°`°¤o,¸¸¸,o¤°
And the sign says "You got to have a membership card to get inside" Huh
So I got me a pen and paper And I made up my own little sign</pre>

Reply to RichPLS

I liked the trade mark next to the 1-800 number ...that was funny.

!#&$ :eek: ---There's the facts .... the twisted facts ... the distorted facts,...THEN THERE'S JOURNALISM!

Reply to russell

http://www.secure-centre.net/

phishy indeed....

<pre>°¤o,¸¸¸,o¤°`°¤o \\// o¤°`°¤o,¸¸¸,o¤°
And the sign says "You got to have a membership card to get inside" Huh
So I got me a pen and paper And I made up my own little sign</pre>

Reply to RichPLS

He knows I'm smarter than the average mark so he sent me two at the same time....
Yep .... if he's too smart for the first one, the second one will get him..
I've caught catfish smarter than him.

!#&$ :eek: ---There's the facts .... the twisted facts ... the distorted facts,...THEN THERE'S JOURNALISM!

Reply to russell

I like the way he spelled your banks name wrong.

<pre>A64 3200+ Winchester, DFI Lan Party NF4 Ultra-D, 1GB Corsair 4400C25PT, WD740GD, WD2000JB, WD1200JB, ATI X800XL, Dell 2405FPW</pre>

Reply to dhlucke

Report this incident to your bank...

<pre>°¤o,¸¸¸,o¤°`°¤o \\// o¤°`°¤o,¸¸¸,o¤°
And the sign says "You got to have a membership card to get inside" Huh
So I got me a pen and paper And I made up my own little sign</pre>

Reply to RichPLS

MR WALE JOHNSON,
CHIEF ACCOUNTANT,
UNION BANK OF NIGERIA PLC,
HEADQUATERS ANNEX,
VICTORIA ISLAND
LAGOS-NIGERIA.

Dear xxx xxx,

I am Mr Wale Johnson, the personal accounting officer to Mr Warner Paddack,a national of your country, who used to work with Atlas Dredging company in Nigeria.Here in after shall be referred to as my customer.On the 21st of April 2000, my customer, his wife And their three children were involved in a car accident along sagbama express road. All occupants of the vehicle unfortunately lost there lives.Since then I have made several enquiries to locate any of my customer,s extended relatives, this has also proved unsuccessful. After these several unsuccessful attempts, I decided to trace his surname over the internet,to locate any member of his family hence I contacted you.

I have contacted you to assist in repartrating the money and property left behind by my customer before they get confisicated or declared unserviceable by the bank where this huge deposits were Lodged. Particularly,the Union bank plc where the deceased had an account valued at about $7.3million dollars as issued me a notice as his accounting officer to provide the next of kin or have the account Confisicated within the next ten official working days since i have been unsuccesful in locating the relatives for over four years now i seek your consent to present you as the next of kin of the deceased since you have the same surname so that the proceeds of this account valued at $7.3million dollars can be paid to you and then you and me can share the money.

I have all necessary legal documents that can be used to back up any claim we may make. All I require is your honest cooperation to enable us see this deal through.I guarantee that this will be executed under a legitimate arrangement that will protect you from any breach of the law.

Please get in touch with me by email: jhnsnwale@yahoo.com or by my mobile number 234-1-8812770 to enable us discuss further.

Best regards,

Mr Wale Johnson.

Phone:234-1-8812770
Email : jhnsnwale@yahoo.com

<pre>°¤o,¸¸¸,o¤°`°¤o \\// o¤°`°¤o,¸¸¸,o¤°
And the sign says "You got to have a membership card to get inside" Huh
So I got me a pen and paper And I made up my own little sign</pre>

Reply to RichPLS

Well now he sounds like a thorough gentleman. I'll be glad to help him [/Irish]

:eek: I don't only break your heart, I also break your pelvis :eek:

Reply to WingDing

Hey, maybe he could help get you some extra money to lavish on the wife? You know you need it, and he does sound very trustworthy.

"I never comment on referees and I'm not going to break the habit of a lifetime for that prat." - Ron Atkinson

Reply to RobD

He's the answer to all my prayers. I'll contact him immediately and provide all details of my bank acounts and credit cards. I may even inform him about my secret stash of Hasslehoff porn.

:eek: I don't only break your heart, I also break your pelvis :eek:

Reply to WingDing

Hold back on the Hasslehoff porn, could be a good bargaining chip later on. Not like you're anticipating any problems with getting the money, oh no, that's just a mere formality. Get the Greased Oprah's out though, she's very highly revered out there. Could grease the wheels so to speak.

"I never comment on referees and I'm not going to break the habit of a lifetime for that prat." - Ron Atkinson

Reply to RobD

I have a very rare copy of the Oprah Yeast Infection special. It comes with a complimentary sachet of her filthy snatch cheese [/time for brekkie]

:eek: I don't only break your heart, I also break your pelvis :eek:

Reply to WingDing

Well then, you're already a rich man with that in your collection. You should have Christie's of London value that fine specimen of fanny batter, I'd imagine it would be highly sort after. [/time for brekkie to some back up]

"I never comment on referees and I'm not going to break the habit of a lifetime for that prat." - Ron Atkinson

Reply to RobD

Mr Wale Johnson = Big Dick = could it be Wingy?!?

<pre>°¤o,¸¸¸,o¤°`°¤o \\// o¤°`°¤o,¸¸¸,o¤°
And the sign says "You got to have a membership card to get inside" Huh
So I got me a pen and paper And I made up my own little sign</pre>

Reply to RichPLS

No, I'd be looking for people to send me nudie photos or samples of their used toilet paper.

:eek: I don't only break your heart, I also break your pelvis :eek:

Reply to WingDing

I'll volunteer for the latter.

War Eagle 13-0!
<A HREF="http://www.upsitedown.co.il/anim/rest40.html" target="_new">"What I am, I am an alchemist....I take money and turn it into kaka." --Mike Tyson</A>

Reply to Auburn9698

Should be easy given that you're full of it.

:eek: I don't only break your heart, I also break your pelvis :eek:

Reply to WingDing

:redface:

Hey, I left a sample sitting out sunny side up for the cleaning ladies here once. I'm sure I could do something more constructive with it sometime.

War Eagle 13-0!
<A HREF="http://www.upsitedown.co.il/anim/rest40.html" target="_new">"What I am, I am an alchemist....I take money and turn it into kaka." --Mike Tyson</A>

Reply to Auburn9698

...mmmmm...crusty...

There was a gross kid in school who used to blow his nose into a tissue and then lick it....*spews*...

:eek: I don't only break your heart, I also break your pelvis :eek:

Reply to WingDing

Oh, enough about your life story...

"I never comment on referees and I'm not going to break the habit of a lifetime for that prat." - Ron Atkinson

Reply to RobD

LOL!

<pre>°¤o,¸¸¸,o¤°`°¤o \\// o¤°`°¤o,¸¸¸,o¤°
And the sign says "You got to have a membership card to get inside" Huh
So I got me a pen and paper And I made up my own little sign</pre>

Reply to RichPLS

Eeewww!

War Eagle 13-0!
<A HREF="http://www.upsitedown.co.il/anim/rest40.html" target="_new">"What I am, I am an alchemist....I take money and turn it into kaka." --Mike Tyson</A>

Reply to Auburn9698

I got the same thing ... except it was for a Bank I use ... it was so realistic, I almost bit - because they have done this before (for real) - I have a rule to always call before I change anything with financial institutions ... but the one I got was on a pvt email that I use only for banks ... normally, never get spammed there ... seems Roadrunner was hacked and they got away with email address (and who knows what else).

FireFox 1.0.1: Works for me … You’re on your own …

Reply to Jake_Barnes

Report this incident to your bank...They will be interested and follow up with investigation.

<pre>°¤o,¸¸¸,o¤°`°¤o \\// o¤°`°¤o,¸¸¸,o¤°
And the sign says "You got to have a membership card to get inside" Huh
So I got me a pen and paper And I made up my own little sign</pre>

Reply to RichPLS

I did that 1st thing ... interesting, that they said they knew about it ... I thanked them for the heads up, and am closing the fucking acct ... geeze, they knew this was going on and didn't warn their cutomers ...

FireFox 1.0.1: Works for me … You’re on your own …

Reply to Jake_Barnes

yeah they sent me one for mine but it was so obvious, they used an ip address for the link instead of southtrustbank.com;

[-peep-] idiots

I work therefore I am conservative.
<A HREF="http://www.cameronwilliamson.com" target="_new">-={Psychotic Sociopath.}=-</A>

Reply to mrface

Now this is scary: <A HREF="http://www.wired.com/news/infostructure/0,1377,66853,00.html?tw=wn_2bizhead" target="_new">Pharming Out-Scams Phishing</A>

FireFox 1.0.1: Works for me … You’re on your own …

Reply to Jake_Barnes

Quote :

yeah they sent me one for mine but it was so obvious, they used an ip address for the link instead of southtrustbank.com;

You're sharp enough to catch those "details" immediately ... but the average or older persons would/might not see that ip addy discrepancy ...

FireFox 1.0.1: Works for me … You’re on your own …

Reply to Jake_Barnes

yeah i called em and gave them the site ip and sent them the email that was sent to me.

I work therefore I am conservative.
<A HREF="http://www.cameronwilliamson.com" target="_new">-={Psychotic Sociopath.}=-</A>

Reply to mrface

Same here ... I did a reverse DNS trace (guess that's what it was) and followed the path in reverse ... seems it originated in Romania.

FireFox 1.0.1: Works for me … You’re on your own …

Reply to Jake_Barnes

I don't even have an account with KayBank, never even heard of them.

I can see that some really gullible people could bite.

Another thing that made it so obvious was that they sent two emails at the same time. Besides I never answer anything like that, I go directly to my bank's web site. Form the earlier post and link it looks as though even that isn't safe anymore.

!#&$ :eek: ---There's the facts .... the twisted facts ... the distorted facts,...THEN THERE'S JOURNALISM!

Reply to russell

Yea ... that wired news article has me worried. I have several large on-line investment accts ... I'll have to be especially careful ...

FireFox 1.0.1: Works for me … You’re on your own …

Reply to Jake_Barnes

what are youre acct numbers?

I work therefore I am conservative.
<A HREF="http://www.cameronwilliamson.com" target="_new">-={Psychotic Sociopath.}=-</A>

Reply to mrface

Dear sir,
we encountered difficulty while trying to access your account.If you would like to help us obtain the necessary information to withdraw funds from your on-line account then please contact us at 1-800-GET REAL.

Thank You for your gullibility,

http:\\www.ripuoff.sad

There would more than likely be responses to this email if someone were to send it.

!#&$ :eek: ---There's the facts .... the twisted facts ... the distorted facts,...THEN THERE'S JOURNALISM!

Reply to russell

Quote :

what are youre acct numbers?

555PHUKYOU

FireFox 1.0.1: Works for me … You’re on your own …

Reply to Jake_Barnes

heh heh!

<pre>°¤o,¸¸¸,o¤°`°¤o \\// o¤°`°¤o,¸¸¸,o¤°
And the sign says "You got to have a membership card to get inside" Huh
So I got me a pen and paper And I made up my own little sign</pre>

Reply to RichPLS

thats only one of them, lmao.

I work therefore I am conservative.
<A HREF="http://www.cameronwilliamson.com" target="_new">-={Psychotic Sociopath.}=-</A>

Reply to mrface

Here's a good link on the issues: <A HREF="http://nl.com.com/view_online_newsletter.jsp?list_id=e497" target="_new">C|Net</A>

FireFox 1.0.1: Works for me … You’re on your own …

Reply to Jake_Barnes

Quote :

Now this is scary: <A HREF="http://www.wired.com/news/infostructure/0,1377,66853,00.html?tw=wn_2bizhead" target="_new">Pharming Out-Scams Phishing</A>

Thanks for the link. Through it I found <A HREF="http://www.netcraft.com" target="_new">http://www.netcraft.com</A> that has a IE toolbar for download, which informs you directly about the geographic location a webpage is hosted from. That's a pretty easy and user friendly way of detecting phishing sites. Gonna install that thingy tonight to see if it's really working.

BigMac

<A HREF="http://www.p3int.com/product_center_NWO_The_Story.asp" target="_new">New World Order</A>

Reply to BigMac

Mac - I got this tip off another web site: If you type this string (or copy/paste) into the address bar - you will get a pop-up that tells you the real url for the web site - to confirm it's legit or reveal a phoney:

javascript:alert("Actual URL address: " + location.protocol + "//" + location.hostname + "/" );

(exactly as above)

I tried it with FF, and it worked on 2 of my banking sites ...

FireFox 1.0.1: Just because it works for me ... doesn't mean it will work for anybody else ...

Reply to Jake_Barnes

I'll just post the entire discussion:

Quote :

Phishing relies on users clicking on links which look like they will go to a particular web site but actually go elsewhere. Pharming hijacks DNS entries so that even the phishing-aware user who explicitly types in the web site they want (e.g. http://www.suntrust.com) will end up at a different web site anyway.

SSL certificate verification does defeat pharming, unless something else has already happened at the user's web browser to also defeat SSL certificate verification, of course. This can be as simple as a virus / worm / script exploit turning off the security options I'll describe at the end of this message, or as complex as a virus / worm / trojan / adware program actually changing the web browser to function differently. This is why security is a total process involving not just the right software (e.g. anti-virus, personal firewall) but also the knowledge of the user to configure and check things regularly, and to browse sensibly (don't download / install anything that you aren't certain is trustworthy, never click "yes" to toolbars, helpers, or anything else that pops up unexpectedly, etc).

Here's how SSL certificate verification works against pharming:

Scenario 1:
You type in e.g. http://www.suntrust.com
Someone has hijacked the suntrust.com domain, so that the IP address your computer gets for www.suntrust.com is really sending you to www.pharmer.com.
You look for the SSL "lock" in your web browser status bar, and you don't see it, so you stop.

Scenario 2:
You type in the web site address https://www.suntrust.com which has been hijacked, and since you explicitly use https:// it forces the browser to only go to an SSL enabled version of the web site.
Your browser goes to the hijacked destination https://www.pharmer.com.
The web server at www.pharmer.com sends its SSL certificate - a wholly valid certificate issued by a trusted CA .. but NOT issued to www.suntrust.com because SSL certificate issuers are quite good at ensuring that they do not issue certificates to any company other than the legitimate holder.
Your web browser, properly configured, pops up a warning saying that the certificate does not match the name of the web site, because the name of the web site is www.suntrust.com, but the SSL certificate is for something else (maybe www.suntrust2.com), so, being highly observant, you stop.

There are many possible variations on this theme, but those are the key ones from which most of the others stem.

To put more detail to it, we must rely, and historically we can rely, on the SSL certificate issuers e.g. Verisign (http://www.verisign.com), Thawte (http://www.thawte.com) to validate that the requestor of an SSL certificate for a web server legitimately has the right to have that certificate. So even though typing www.suntrust.com does not get you to the legitimate Sun Trust Bank web site, the fact that the real Sun Trust Bank web site is the only place which can have a www.suntrust.com SSL certificate protects you.

To make sure that your web browser properly validates SSL certificates, set the following options in Internet Explorer 6 (users of other browsers will find comparable settings somewhere in their browser configurations):

Tools -> Internet Options
Advanced tab
Under the Security section, make sure these options are checked:
* Check for publisher's certificate revocation
* Check for server certificate revocation
* Use SSL 3.0
* Warn about invalid site certificates

Make sure that the option "Use SSL 2.0" is not checked, because there are problems with the SSL 2.0 protocol which can make it possible for a pharmer to defeat SSL certificate verification.

I hope this is helpful.
-Jay Libove, CISSP

<A HREF="http://reviews.cnet.com/5208-3513-0-10.html?forumID=104&threadID=66002&messageID=1006442&start=-242&tag=nl.e497" target="_new">C|Net Source</A>

FireFox 1.0.1: Just because it works for me ... doesn't mean it will work for anybody else ...

Reply to Jake_Barnes

Ask the community Add a reply

Tom's Hardware > Forum > Old Man/Woman's Club > Other > Stick em up!

Go to:

Help |
Forum rules

There are 1029 identified and unidentified users. To see the list of identified users, Click here.

Page generated in 0.581 seconds

Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel

Focus On

Stick em up!

Forum Old Man/Woman's Club : Other - Stick em up!

Please mind