munkinarts.com: the blog » bit.ly http://munkinarts.com/blog Ravings of a loon Fri, 23 Dec 2011 04:47:59 +0000 en hourly 1 http://wordpress.org/?v=3.3 Dear Phishermen http://munkinarts.com/blog/2010/02/03/dear-phishermen/ http://munkinarts.com/blog/2010/02/03/dear-phishermen/#comments Wed, 03 Feb 2010 04:42:37 +0000 owner http://munkinarts.com/blog/?p=656 Continue reading ]]> If you’re going to take the time to rip off Bank of America’s graphics and email template, and even figure out how to place a Registration mark in an odd place, at least have the good sense to buy a cheap domain that *might* fool someone into clicking your log in link.

Here’s one example from a message in my spam trap:

http://chavdaphotographers.com/gallery/online.bankofamerica.com/

online.bankofamerica.com/ccss-rva.bankofamerica.com/ccss/102%26target=
acctOverview%26acid=1%26os/SSOEntrypageid=102%26target=
acctOverview%26acid=/onlineid-sessionload/signon.do/

Three free bits of advice, take them for what you will:

  1. Don’t ever click a log-in link from an email.  Go to the site in question and log in correctly.
  2. In many cases, if you move your mouse over a link you can see the destination in the browser’s status bar.  At best it should direct you to the actual site you think it’s heading towards.   Just be wary of bankoffamerica.com or bankofameirca.com   Two misspellings that look so similar to the real thing you might be fooled.
  3. Be wary of bit.ly and other types of shortened links in email.  You can’t see the destination of where they’ll take you, it’s best just not to click on them.
    ]]>     http://munkinarts.com/blog/2010/02/03/dear-phishermen/feed/ 0