作者 主題: 新型態的騙密碼手法  (閱讀 5926 次)

0 會員 與 1 訪客 正在閱讀本文。

被騎上班的老

  • 酷!學園 學長們
  • 活潑的大學生
  • ***
  • 文章數: 360
    • 檢視個人資料
新型態的騙密碼手法
« 於: 2004-10-30 08:41 »
今天我收到一封 mail

標題是 : WHOIS Data Confirmation for ntou.org

內容請參照後文。起初我很認真的看完信件,發現自己的資料有誤所以很熱心的點了修改的 LINK,想去修正資料 。但是點完 LINK 出現密碼對話視窗我才發現:這個畫面好像有點陌生。這時我才警覺: 這封看起來有模有樣的信件,有可能是詐騙集團的新手法

所以奉勸各位點了 LINK 之後遇到密碼輸入的對話窗時,再檢查一下連線的網址是不是正確。

請各位留意!



代碼: [選擇]
Dear Valued Customer,

ICANN, the organization responsible for the stability of the Internet,
requires that each domain name registrant be given the opportunity to
correct any inaccurate contact data (WHOIS data) associated with a domain
name registration. Our records for your domain are as follows:
 
ntou.org

Registrant:
 Reunion of National Taiwan Ocean University.
 1,Alley 1,Lane 278 ChungChing Rd.
 Tzuoying Dist.
 Kaohsiung,  81346
 TW

 Domain name: NTOU.ORG

 Administrative Contact:
    Fang, ChunChih  michael@tsungyin.com.tw
    1,Alley 1,Lane 278 ChungChing Rd.
    Tzuoying Dist.
    Kaohsiung,  81346
    TW
    +886.88673415877    Fax: +886.88673719484

 Technical Contact:
    Fang, ChunChih  michael@tsungyin.com.tw
    1,Alley 1,Lane 278 ChungChing Rd.
    Tzuoying Dist.
    Kaohsiung,  81346
    TW
    +886.88673415877    Fax: +886.88673719484

 Billing Contact:
    Fang, ChunChih  michael@tsungyin.com.tw
    1,Alley 1,Lane 278 ChungChing Rd.
    Tzuoying Dist.
    Kaohsiung,  81346
    TW
    +886.88673415877    Fax: +886.88673719484


 Registration Service Provider:
    NS.com., domreg@ns.com
    704.884.9000
    http://www.ns.com
    This company may be contacted for domain login/passwords,
    DNS/Nameserver changes, and general domain support questions.


 Record last updated on 25-Dec-2003.
 Record expires on 20-Feb-2005.
 Record created on 20-Feb-2002.

 Domain servers in listed order:
    NS.NTOU.ORG   61.70.115.23


 Domain status:
clientDeleteProhibited
clientTransferProhibited
clientUpdateProhibited
inactive


 
To review and update your WHOIS contact information, please log into
our management interface at: http://manage.opensrs.net
 
If any of the information above is inaccurate, you should correct it.
If all of the information above is accurate, you do not need to take any action.
 
Please remember that under the terms of your registration agreement,
the provision of false WHOIS information can be grounds for cancellation
of your domain name registration.
 
If you have any questions or comments regarding ICANN's policy, please contact
them directly at icann@icann.org.

Thank you for your attention.

Best regards,
Automated Services Inc.
 
 
 
NOTE: Please do NOT reply to this message.  This is an outgoing message only.
[/code]

yshsu

  • 可愛的小學生
  • *
  • 文章數: 7
    • 檢視個人資料
Re: 新型態的騙密碼手法
« 回覆 #1 於: 2005-02-04 16:39 »
補充一下:
這種新型的網路犯罪叫做「網路釣魚」
英文是[Plish]。
引述: "被騎上班的老鼠"
今天我收到一封 mail

標題是 : WHOIS Data Confirmation for ntou.org

內容請參照後文。起初我很認真的看完信件,發現自己的資料有誤所以很熱心的點了修改的 LINK,想去修正資料 。但是點完 LINK 出現密碼對話視窗我才發現:這個畫面好像有點陌生。這時我才警覺: 這封看起來有模有樣的信件,有可能是詐騙集團的新手法

所以奉勸各位點了 LINK 之後遇到密碼輸入的對話窗時,再檢查一下連線的網址是不是正確。

請各位留意!



代碼: [選擇]
Dear Valued Customer,

ICANN, the organization responsible for the stability of the Internet,
requires that each domain name registrant be given the opportunity to
correct any inaccurate contact data (WHOIS data) associated with a domain
name registration. Our records for your domain are as follows:
 
ntou.org

Registrant:
 Reunion of National Taiwan Ocean University.
 1,Alley 1,Lane 278 ChungChing Rd.
 Tzuoying Dist.
 Kaohsiung,  81346
 TW

 Domain name: NTOU.ORG

 Administrative Contact:
    Fang, ChunChih  michael@tsungyin.com.tw
    1,Alley 1,Lane 278 ChungChing Rd.
    Tzuoying Dist.
    Kaohsiung,  81346
    TW
    +886.88673415877    Fax: +886.88673719484

 Technical Contact:
    Fang, ChunChih  michael@tsungyin.com.tw
    1,Alley 1,Lane 278 ChungChing Rd.
    Tzuoying Dist.
    Kaohsiung,  81346
    TW
    +886.88673415877    Fax: +886.88673719484

 Billing Contact:
    Fang, ChunChih  michael@tsungyin.com.tw
    1,Alley 1,Lane 278 ChungChing Rd.
    Tzuoying Dist.
    Kaohsiung,  81346
    TW
    +886.88673415877    Fax: +886.88673719484


 Registration Service Provider:
    NS.com., domreg@ns.com
    704.884.9000
    http://www.ns.com
    This company may be contacted for domain login/passwords,
    DNS/Nameserver changes, and general domain support questions.


 Record last updated on 25-Dec-2003.
 Record expires on 20-Feb-2005.
 Record created on 20-Feb-2002.

 Domain servers in listed order:
    NS.NTOU.ORG   61.70.115.23


 Domain status:
clientDeleteProhibited
clientTransferProhibited
clientUpdateProhibited
inactive


 
To review and update your WHOIS contact information, please log into
our management interface at: http://manage.opensrs.net
 
If any of the information above is inaccurate, you should correct it.
If all of the information above is accurate, you do not need to take any action.
 
Please remember that under the terms of your registration agreement,
the provision of false WHOIS information can be grounds for cancellation
of your domain name registration.
 
If you have any questions or comments regarding ICANN's policy, please contact
them directly at icann@icann.org.

Thank you for your attention.

Best regards,
Automated Services Inc.
 
 
 
NOTE: Please do NOT reply to this message.  This is an outgoing message only.
[/code]

dean

  • 管理員
  • 俺是博士!
  • *****
  • 文章數: 1279
  • 性別: 男
  • 有些人,有些事,值得.
    • 檢視個人資料
Re: 新型態的騙密碼手法
« 回覆 #2 於: 2005-02-04 16:49 »
引述: "yshsu"
補充一下:
這種新型的網路犯罪叫做「網路釣魚」
英文是[Plish]。

應該是叫phish  或是 phishing  
E-mail Fraud..
http://www.sng.ecs.soton.ac.uk/mailscanner/phishing.html
小弟前年有遇到了,還直接找了被偽造的銀行裏的PM討論...
結果搞得他們內部IT部門忙成一團. :roll:  
MailScanner在去年底有實做過濾的機制,殊不知效果如何...

phantom

  • SA 苦力組
  • 俺是博士!
  • *****
  • 文章數: 2185
    • 檢視個人資料
新型態的騙密碼手法
« 回覆 #3 於: 2005-02-04 17:02 »
可是用 icann 相關的網路詐騙應該不多吧? 除非它想要轉移你的 domain.

您的 domain 該不會是向它註冊的吧?
http://manage.opensrs.net

其實這封郵件是提省為主.如果您的資料無誤, 自然不會去點 link.

反正我收到這類的 e-mail, 覺對不會去點它附的 link. 會乖乖的去 browser 裡, 直接去到該網站的主頁, 再一一點去看. 這樣一來, 除非它有本事去搞 DNS spoofing, 我才有可能受影響. 如果真是這樣, 我也認了.
Linux 非萬能, 沒 Linux 萬萬不能.
root = God
apt-get install ultimate-horsepower

dean

  • 管理員
  • 俺是博士!
  • *****
  • 文章數: 1279
  • 性別: 男
  • 有些人,有些事,值得.
    • 檢視個人資料
新型態的騙密碼手法
« 回覆 #4 於: 2005-02-04 17:03 »
嗯嗯..所以...要顧好您的hosts檔....^^||