Smukke Charlie
Respected Poster
Added: Jun 17, 2008 5:50 pm
Sadly, there are lots of posters who are uploading fake phishing links in order to steal other people's Premium Account information (username and password) on Rapidshare. There are some easy ways to see if the uploader is a phisher or not.

Phishing links are:
The link name is different in the post and in the Internet browser.
screenshot

The link name on the phished rapidshare.com is not the same as in the post.
screenshot

In this case the link name in the post was rapidshare.com/files/110003645/Nikki_Anderson - French_Maid.rar and the link name on the fake Rapidshare download site is rapidshare.com/files/111640313/1.05.2008.12.rar, and as you can see it's not the same download link.

The phishers are ALWAYS hiding their original URL behind a link protector, e.g. link-protector.com, hide-url.net or lix.in. Here is one example of the actual URL of the phisher's site, and it's hosted on a free hosting site.

screenshot
Bugeyes
Very Respected Poster
Added: Jun 18, 2008 11:37 am
Thanks for the info!
thezippo
I'm probably spamming
Added: Jun 18, 2008 12:49 pm
thanks for explaining
exp2007
I'm probably spamming
Added: Jun 18, 2008 2:02 pm
thanks for the information!!
jamie37
Poster
Added: Jun 18, 2008 3:09 pm
interesting mate thanks
AKAbob
Respected Poster
Added: Jun 18, 2008 4:56 pm
I know it's not good to have "non" video threads circulating in the video forum, but some of these posts contain some relevant info that might come in handy to spot phishers and react after you have been phished. One of the facts of life is that most members never step foot into a "General" type forum, so the potential audience is lost when the threads are transferred there from the video forum. Another sad but true fact is that many members never bother to read the stickies either.

Is there any chance you could open the closed sticky thread in the video forum so more members would have access to useful information posted by their fellow members? The information would most certainly reach a broader audience.

If you did open the closed sticky, would it be possible to merge some of the other threads into it?
Deity
Respected VIP club member
Added: Jun 18, 2008 8:50 pm
No, I will not open my stickied warning thread up for useless comments to be added. There are sufficient warnings and examples already. There is a non stickied thread by a moderator already in the video forum providing even more examples.
tzman
Very Respected Poster
Added: Jun 18, 2008 10:13 pm
OK Smukke Charlie, I've got lesson #1, I think (and thank you for that). Now, what do you make of a case like earlier today where the same name started popping up like mushrooms, but the posts had no links, just a large batch of pics attached. Are those likely to be infected with an embedded virus or is this probably just spamming for that poster's website (which was there on his profile page)?
I'm asking you, because I watched you in action yesterday and you seem to know what you're doing, but if any of the mods want to jump in with an answer that would be OK too.
MaXX5000
Poster
Added: Jun 19, 2008 10:10 pm
What if in some of these threads it's the other way around where the download link has a link protector then goes to rapidshare? I don't know, maybe having different upload options available may help but there seems to be someone always trying to do something bad to others.
AKAbob
Respected Poster
Added: Jun 19, 2008 11:02 pm
MaXX5000 wrote:
What if in some of these threads it's the other way around where the download link has a link protector then goes to rapidshare? I don't know, maybe having different upload options available may help but there seems to be someone always trying to do something bad to others.

Here is the Key

Don't give them your user name and password. You have to type them in on the phony link they give you.


If you ever choose the premium upload and the link generates an error and takes you to a log in near the bottom of the page, don't log in. They don't get your codes when you take the link. They get your code when you attempt to log in on their fake page. If you ever think you are logged out, go to Rapidshare.com and log in if you need to.

I click their links frequently. That's how I know the post is a phishing link. If you don't give the phishers your codes when they ask for them, it isn't a problem.

I saw a guy give some strange links that generated a 404 message earlier. They weren't to rapidshare, either. He gave a rapidshare.txt file link as the password to extract the bogus files.


As side notes:

Never open an .exe file you aren't 100% certain of, and then, only if you asked for it.

Never open a .swf file attached in a forum. I had my user name hacked that way once in another forum. Malicious people can embed nasty things in a flash file.

There is another file that can allow a hacker access, similar to a .swf, but I can't remember the name of it.
Boxcaren
I'm probably spamming
Added: Jun 20, 2008 8:43 am
MaXX5000 wrote:
What if in some of these threads it's the other way around where the download link has a link protector then goes to rapidshare? I don't know, maybe having different upload options available may help but there seems to be someone always trying to do something bad to others.


If you use a link protector for a non-phishing reason, the post in the thread will also show the link-protected link. Phishers always hide their link-protected link in all their threads, and it shows the fake Rapidshare link and not the link-protected link name.
Monkey D. Ruffy
Very Respected VIP club member
Added: Jun 20, 2008 7:40 pm
The simplest way to avoid these phishing links is to activate the direct download option in your premium rs account.

All rs links, whether protected or not, will start the download immediately without asking for a pass/login if you are logged in to your rs account (rs will set a cookie).

If you're asked for a login, it's obviously phishing (or, in rare cases, you or your browser deleted the rs cookie).

A guide (with old rs screenshots, new ones will be added soon) can be found in the security section (follow the link in my signature).

Monkey D. Ruffy
chefcook
I'm probably spamming
Added: Jun 20, 2008 10:40 pm
AKAbob wrote:
[...]
Don't give them your user name and password. You have to type them in on the phony link they give you.


If you ever choose the premium upload and the link generates an error and takes you to a log in near the bottom of the page, don't log in. They don't get your codes when you take the link. They get your code when you attempt to log in on their fake page. If you ever think you are logged out, go to Rapidshare.com and log in if you need to.

[...]

That's quite reassuring. I thought they were "cracking" the RS cookie directly, rather than simply fishing for any username and password you'd have to enter.
tzman
Very Respected Poster
Added: Jun 21, 2008 3:42 am
There's one over in "Video" that has this link:

dead link
but when you click on it, leads to this:
Phishing link, beware:
http://rapiidishiare.com/files/106478423/MLandDR.rar

If you're looking at the end of the address, you might miss the extra i's in Rapidshare.

I've started clicking on the name, if I don't recognize it, before I even open a thread and if they joined that day I am VERY wary. If they have started several different threads then forget it.

I've made the addition about your example of the fake rs link, so nobody clicks it accidentally.
Monkey D. Ruffy
Smukke Charlie
Respected Poster
Added: Jul 07, 2008 3:42 pm
There is a new phishing method from a guy who has registered a URL named rs23rapidshare.com. Take a close look at these two pictures and you can see that he is a fucking phisher.

screenshot screenshot
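
The checks described across this thread (link text naming one host while the link goes to another, a link protector concealed behind fake link text, and lookalike hosts such as the two quoted above) can be applied mechanically to the links in a post. The Python below is an added example, not part of the original thread; the sample paths, the reason codes, the 0.8 similarity threshold and treating rapidshare.com as the only trusted host are assumptions.

```python
import difflib
from urllib.parse import urlsplit

TRUSTED = "rapidshare.com"                                     # real host per the thread
PROTECTORS = {"link-protector.com", "hide-url.net", "lix.in"}  # named in the thread
SAMPLE = [  # constructed (link text, href) pairs; paths and file names are made up
    ("rapidshare.com/files/1/clip.rar", "http://lix.in/abc123"),
    ("download", "http://rapiidishiare.com/files/1/clip.rar"),
    ("rs23rapidshare.com/files/1/clip.rar", "http://rs23rapidshare.com/files/1/clip.rar"),
    ("rapidshare.com/files/1/clip.rar", "http://rapidshare.com/files/1/clip.rar"),
    ("lix.in/def456", "http://lix.in/def456"),
]

def host_of(url):
    """Lower-cased host of a URL or of bare link text such as 'rapidshare.com/files/...'."""
    words = url.split()
    first = words[0] if words else ""
    host = urlsplit(first if "//" in first else "//" + first).hostname or ""
    host = host[4:] if host.startswith("www.") else host
    return host if "." in host else ""       # plain words like 'download' are not hosts

def is_lookalike(host):
    """Host embeds or nearly spells the brand but is not rapidshare.com or a subdomain."""
    if not host or host == TRUSTED or host.endswith("." + TRUSTED):
        return False
    label = host.rsplit(".", 1)[0]           # crude: strips only the final label
    near = difflib.SequenceMatcher(None, label, "rapidshare").ratio() >= 0.8
    return "rapidshare" in host or near

def check_links(pairs):
    """Return a list of (href, [reason codes]) for each (link text, href) pair."""
    report = []
    for text, href in pairs:
        real, shown, reasons = host_of(href), host_of(text), []
        if shown and shown != real:
            reasons.append("mismatch")               # text names one host, href another
            if real in PROTECTORS:
                reasons.append("hidden-protector")   # protector concealed by link text
        if is_lookalike(real):
            reasons.append("lookalike")              # e.g. extra letters or a prefix
        report.append((href, reasons))
    return report

if __name__ == "__main__":
    for href, reasons in check_links(SAMPLE):
        print(href, "->", ", ".join(reasons) or "no flags")
```

This covers only what can be judged from the post itself; the second sign from the first post (a different file name on the landing page) needs the page to be loaded, and the cookie-based check (being asked to log in at all) stays a manual one.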