Indeed, the identity theft and all our personal data this time is via the classic e-mail spam or farmaceutical fraud with the classic sales of blue pills.
At first sight this type of e-mail can seem perfectly normal as any normal letter, the difference is highligthed when you click the link whithin the e-mail sent us and magically doesn’t open the displayed link but the website of a mailing host, can be Msn or Yahoo or Gmail or another to the pleasure of the lamer.
The mailbox is not open from the link, it’s open only the home page that ask the login. Although it may seem like a classic phishing it is not. Indeed the page of the mailing host is the true and real page that we see when we open the link of Yahoo, Msn or Gmail or other manually, the same images, the same news, the same links posted, the same page of log in, the unique difference is that hidden under this true website there is a second website ready to steal any sensitive data, from the password of the e-mail to your contact and friendship of the network connected at the e-mail to everything that belongs to you.
This new technique is created directly from the html code which is made the original e-mail. I will not write the complete code that the lamer use but a surrogate:
<tag> <sitoa.com> <yahoo.com </tag>
in this way the first site named by me sitoa.com is completely hidden from the second named by me yahoo.com, but maybe any other mailing host.
The person that receiving the e-mail in this case doesn’t perceive to be a decoy site and maybe casually is more likely to enter his/her log in datas quietly because he think to have open the page himself, this can happen above of all if there is multiple windows or tab open.
Once you are open on the decoy website your account all your datas from e-mail to the password, to our contacts, to the content of your e-mail, to your friendship, to all that there is in your e-mail passes in the hand of the lamers so they can steal of any usefull or useless datas.
Today there is not still a IT solution to overcome at this issue, the unique appropriate solution at this kind of e-mail actually is to keep tight control on the page and tab open before and use a little bit of common sense not to fall into the trap.
Heba
pubblicato il 17/07/2010