How to use Rapidshare: A safe and simple guideline

Monkeys Guide How to use Rapidshare (and recognize phishing links):

Here's a guideline to activate the direct download option of your rapidshare premium account.
This is a real safe way to make sure, you don't login at phishing sites.

All rapidshare links you click or copy in your browser starts immediately without redirection.

Only exceptions are dead links (e.g. file not found, forbidden to share etc.).

Log into your account (picture 1) and make sure it's not a phishing site (see https picture 2).
Hover over the symbol.

Picture 1:


Picture 2:


English login picture (picture 3):

Picture 3:


German login picture (picture 4):

Picture 4:


A certificate pops up (picture 5):

Picture 5:


After you are logged into your account, go to options (picture 6):

Picture 6:


Check the Direct Download box (picture 7):

Picture 7:


Now every download starts immediately as long as you are logged into your account (if you don't delete the RS cookie).

The language you can see in my pictures is German, but I think the buttons should be on the same place.


Here is a typical rapidshare phishing example (picture 8).

Picture 8:


You can see though I'm logged into my RS account, the site can't find the cookie (of course, it's a fake site and they cannot read the RS cookies).

Another one (picture 9):

Picture 9:


You can see the difference between real and fake.

Here's a naked phishing link without redirection (picture 10):

Picture 10:


Here's an address without (picture 11) and with redirection (picture 12):

Picture 11:


Picture 12:


A popular and often used link protection site used by phishers to disguise their fake sites is lix.in (picture 13):

Picture 13:


But they also use other protection sites to disguise their phishing sites.

Will continued.

Monkey D. Ruffy

Thanks, Monkey D. Ruffy. That should help the folks who are new to file sharing via Rapidshare.

Nice work Monkey D.

Abraxas wrote:

Hell, it should be required reading for all of us. I didn't know the phishers had gotten quite so sophisticated...

I think the argument could be made that this thread should be stickied.

Hi, billyellis. You are right, so I made it a sticky.

As I said already Monkey D. Ruffy, good post and thanks for the work that you put into it.

Thanks all for your nice comments and Abraxas for sticking it

Yeah, took a good while to collect and edit all shots.

Have collected a nice amount of different RS phishing sites so far (almost more than 20 sites, most hosted on ripway.com or ofingo.com).

Some rare phishing sites are fake MU or depositfile sites.

As said above RS Premium user should activate direct download, and they will have hardly any problems with phishing.

Better safe than sorry.


Monkey D. Ruffy

Thanks for all the work you put into this.

One question - what about download managers like Flashget? If you set a universal username/password, I guess you need to be really careful that the links all are for RS.com or else the DM will automatically submit your username/password to the phishing site...

EDIT: Also, I would point out that surfers using FF with NoScript are probably not seeing the authentication logo since the comodo.net domain will be blocked by default. Makes it a little trickier to detect phishing sites.

billyellis wrote:

Hi.
I don't use Flashget, but Free Download Manager and the Flashgot add-on.
FDM has the RS pass saved and I've tried to download an actual phishing link.
It didn't work, but I thought so.
The pass is only valid for rapidshare.com, so other sites like rapidshurie.com (often used for phishing) aren't accepted.

Ah, as a FF user you should allow Scripts for some sites (I do it). And if you use the add-on AdBlock you can select which things should be blocked.

I can see the comodo graphic and it works fine, if I move the mouse over it.

If any questions left, feel free to ask (others of course too).

Monkey D. Ruffy

Monkey D. Ruffy wrote:

That's what I figured. Thanks for clarifying.

Thanks Monkey D. Ruffy for all the effort that went into this thread

Monkey D. Ruffy wrote:

That just sounds funny

Thanks for this info

Yes..thanks for the explaining it, so my beerbrain get it to..
Damm, i miss many tecnichal terms in danish..

hi all,

a lot has changed since this thread was started. RS is revamped and they put in a solid security mechanism, which i believe is very hard to break, if you strictly follow it.


Sleep well, no more phishing sites, or password thefts.

if u have a RS account, go check urself. it's all self explanatory. If u still need some guidance.... then

check the first pic. activate ur lock immediately. As long as ur lock is active, ur in RS safe hands. when u lock it, RS will send the unlock code to ur registered e-mail address (check settings in ur acct).

no one can change ur email id, login id, password, delete files and converting points. but u need to keep the unlock code safe.

after locking it, go everywhere, with out the fear of being phished. even some one phishes ur id and pass, they can only use ur acct to d/l files as long as you dont change the password. so, change password periodically.

In the second pic...
RS asks u to enter the code unlock. every time, u unlock and lock ur acct, RS will send a new lock code, so u'll be safe, if someone sees the code, while u unlock it.

This whole story holds good as long as ur email acct is safe and sound. RS literally threw the ball in ur court to protect ur RS acct. so, safeguard ur email acct.

why still using that obsolete prog to upload your files? I've been using RS manager since it was released 18 months ago. here is the link and it's very very efficient mate. take my word for that.

the current one you are using - if something goes wrong while uploading and your file is 90% or 20% already uploaded, then the whole part if gone. where as in this manager - whatever you upload, it's active status is saved on RS servers and you can continue uploading from there like - 20% uploaded and internet went down. so that 20% is saved in your account and you can continue from there.

the current one you are using doesn't do that. you have to upload that file afresh. here is the link
dead link
read the tut on this page.

cyborg wrote:
I believe you, but it requires net2.0 which can slow down your pc and it requires Vista as OS, at least they say so.
So the newest version of RS-uploader may be still the best solution for some uploaders with older hard- and software (like me)
But you are absolutely right what concerns the possibilty of resuming broken uploads. If your line isn't stable you should try to use the RS-Manager.