Thursday, September 30, 2010

A YouTube Phishing site

A youtube phishing site has newly come into existance with URL

This link claims to be a survey to help youtube to understand the viewer/user feedback and a prize money of  $2741.88 to answer some stupid questions like your sex and age . So tricky that it nearly makes you think that its a authentic youtube site.

This is how it works,

A quiz of two questions sex/age and then click to claim the reward.

It then redirects you to

When the user credentials and certain personal data like the Creditcard details are collected as you are
redirected to

it is something similar which follows the same process of collecting your Credit Card details as you fill the details around 32$ will be charged from your CC 

Here is how the page looks like

Note : Stay away from such sites ....Google/Youtube never comes with such stupid offers!!!!

Wednesday, September 29, 2010

Tab Nabbing Explained

           Just when you thought you'd seen it all, a new and particularly nasty form of Internet phishing, called tab-nabbing, poses a new identity theft threat to web users.

               Phishing, just to remind you, happens when a scammer deceives you into giving away information about yourself, mostly account details such as username and password.

Usually via an email or a link on another web page, they direct you to a bogus site that looks exactly like the genuine article -- like PayPal or Amazon for example -- and captures your login details when you try to sign in.
The crook can then use those details to sign on and remove money or make purchases on your account.

You can read more about Internet phishing in some of our earlier issues.

1Phishing Scams: How You Can Protect Yourself
2.New Clever PayPal Scam
3 New Phishing Scams: Clever Chase Bank Customer Survey Phishing Scam

               All of these previous online phishing scams rely on the user being fooled into clicking a link, whereas the tab-nabber plays a different and much less obvious trick.

             If you're a regular Internet user, you'll know how tabs work. In your browser -- for example, Internet Explorer, Firefox, Safari or Google Chrome -- they allow you to have several pages open at once, and to hop from one to the other.

             Sometimes, when you click on a link in one page, it opens the new page in a separate tab, and it's not unusual to have half a dozen or more tabs open at once.
You even forget which ones you had open, which helps the tab-nabber immensely.
The way this particularly evil form of Internet phishing works goes like this:
  • You already have a couple of tabs open when you land on a page controlled by the tab-nabber (though you won't know this).

  • While you're viewing this page, the tab-nabber accesses your browsing history to see which sites you regularly visit that have value to him -- again like Amazon, PayPal or an email Account like Gmail.

  • He (or she) then changes one of your tabbed pages to mimic one of these sites, complete with what looks like the genuine logo on the tab itself, hoping, when you return to this tab, you will think you must have visited that page earlier and just forgotten.

  • Even better, from the tab-nabber's point of view, you may really have just visited the genuine site (your bank, for example), left it open in the tab, and then returned to it to discover you seem to have been logged out.

  • Either way, the aim is to get you to think you're logging in again and, hey presto, the scammer has pulled off his cunning Internet phishing trick.
             Two key aspects make this much more effective than previous online phishing scams:
First, you don't have to click a link to get to the bogus page; you just click on what looks like a genuine page tab.

              Second, it uses sites you habitually visit whereas phishing emails often seem to come from organizations you've had no dealings with, so you would immediately suspect something was wrong.
In addition, if you do your banking online, the bank often will actually sign you out if there's no activity on their page, even if you still have it open in a tab. It's not unusual to be asked to sign on again.
However, two other things give the tab-nabbing trick away: First, although the page may look genuine, the Internet address or URL (the name of the site given in the address bar at the top of your browser) won't.

            So, the real Amazon home page for instance will show "" but a bogus page will have something quite different, even if it has the word "amazon" in it.

Second, the little padlock icon that appears in your browser (usually bottom right), when you visit a secure website, will be missing.

                       Still, it's a wicked deception, highlighted recently by a specialist who works for Mozilla, the organization that makes the Firefox browser. You can see his video demonstration of tab-nabbing (sometimes also called "tabnabbing" or "tabnapping") here if you have Adobe Flash installed.
What can you do to ensure you don't fall victim to this new type of Internet phishing? To be doubly-secure, here's what you should do.
  1. Get into the habit of glancing at the address bar for every page you visit or revisit. This makes good secure-surfing sense anyway.

  2. Look for that padlock on what should be a secure site page.

  3. After visiting a secure page, close it when you're done, rather than keeping it open in a tab.

  4. If a site invites you to sign on again, close the tab and re-key the correct address.
Any one of these four steps should help steer you clear of a tab-nabbing scam -- and if you have security software integrated with your browser, that should flag bogus sites too. With Internet phishing, you just can't be too cautious.

Source :  

Monday, September 27, 2010

Twitter gets a new makeover

Twitter just got a new makeover
now You will now find @mentions, retweets, searches, and lists just above your timeline – creating a single, streamlined view on the left of the screen. On the right, you can see the features you’re familiar with, including whom you recently followed and who recently followed you, favorites, and Trending Topics.
Looks more interactive and simple, richer and faster interface.

No redirections to the site to view the media content they can now be directly viewed on the right side as you click the arrow next to the tweet along with the information of the user and his/her recent tweets.

To get the newtwitter activated you need to tweet with #newtwitter and then you get a bar on the top asking if you would like to change to it

However i find the right part is a little wide and a lots of space is wasted.