phishing scammers have reached a new low...

i dont know if this is an old tactic for the phishing scammers but now i have noticed that they are creating usernames that look similar to good and trusted posters. they are even using their avatars.

here are three fakes i have noticed posting in the vids section:

RJ TAYLER.
Good Samaritan.
Grimble_Krumble

if you arent paying attention to the post count, you might miss the small difference in names.

the REAL members are:

RJ TAYLER
Good Samaritan
Grimble Krumble

They should be shot and hanged... I wonder if these people have any kind of moral compass or if they grasp the concept of respect for other people...

Wtf ? But the idea is brilliant...

Yes, we mods and admins noticed that problem and the admins take action to prevent that sort of account stealing.

All members should report any suspicious post whichever nick-name was used.

Nicks could be phished as well, so keep an eye on each post.

Premium members of RS should activate the direct download option.

I'll write a new guide for rapidshare as soon as I've some spare-time left, but you can see how to activate the direct download option (see my signature guide to rs, sorry old layout) and a lot of the phishing problems won't happen.

But here's a short guide how to reveal fake rs sites.

1. Picture 1 shows a typical lix.in hidden rs link.
Fake or not?!?
You can't say. If you want to be on the safe side, copy & paste the rs link.

2. Picture 2: Want to be sure, if real or not?!? No problem. Right mouse click opens context menu (I use FFX). Click on site information.

3. Picture 3: Click on forms reveals the hidden rs link and it's a real rs link.
All rs links starts with rs and a number as download.

4. Picture 4 shows an unprotected fake rs link. Site information the url to that site (rapiidishiare.com!)!

5. Picture 5 shows a typical phishing link posted here.

I hope that's easily understood.

Better safe than sorry.

Bye,

Monkey D. Ruffy

Thanks! that's actually pretty educational and should be read by all. The one in Picture 5 is sneaky and I'm sure 99% of the potential downloaders would not catch it.

The important thing is not to key in your user name and password if you do get an error message. Rapidshare doesn't generate that message. I have been on well over 100 phishing pages so far in attempts to spot and report the user. It's not the being there that gets you, it keying in your information when you get the error message.

Monkey D. Ruffy wrote:This is the key to getting the crap out of the forum after it is posted.

Monkey D. Ruffy wrote:People can guess password if they are simple, but that is unlikely. There are ways of phishing for them, but the file extensions used for those attempts aren't allowed here.

If you do encounter a .zip or .ace. or .rar file containing an .exe file, never open the .exe file unless you asked for it and it came from a trusted source who notified you of the file ahead of time.

Monkey D. Ruffy wrote:I tried that, but the direct download doesn't give the file information, just the download. Megaupload at least gives you an information page with the download details. I may not want it.

What do you get when you are on direct download and you encounter a phishing attempt?

Nothing?

Just no download?

Monkey D. Ruffy wrote:
If you think you may be logged out for any reason, go to Rapidshare.com and log in in th appropriate place on their home page. Then go back and get your file download.

Better safe than sorry.

Better late than pregnant.

Rapidshare was been done all day for me, anyone else having a problem?

No problems here, been using it all day

Im in the UK, tried two PC's as well.Thanks for the quick reply

AKAbob wrote:

If you've activated the direct download option, every time you click on a rs link the download should start immediately without trying to redirect you to the rs homepage.

It doesn't matter if the link is protected whether lix.in or some other site, the protected site pops up (or opens another tab if you use FFX) and then you get your download without entering anything.

If you click on a fake rs link guess what happens if direct download is activated (pic 1 and 2/real rs link pic 3)?!?

Yes, the (fake) rs homepage pops up and tell you that your cookie isn't found. That's all.
Even if you try to download a fake rs link with an appropriate download accelerator who has saved your rs login information isn't dangerous cause the download manager doesn't identify the fake link as a real rs link.

Hope that helps.

Monkey D. Ruffy

Monkey D. Ruffy wrote:
I tried the direct route for a few days. I still like a little more information before I download if there wasn't any video information on the post.

Direct download also makes it impossible to get the link out of your premium zone if you want to post it. It goes strait to the download instead of the link.

Monkey D. Ruffy wrote:

Monkey D. Ruffy wrote:
Then you see the same thing on a phishing attempt with direct download as you do without it. You still get led to the phishing page because you "chose" the premium download option instead of the free download option.

Choosing direct download doesn't insulate you from ending up at the attempted phishing page. It only gets you there without any screens in between.

AKAbob wrote:

But that's the crucial point.

No login page where you'll have to enter your pass (that can be phished).

And I don't bother about how large a file is (the only information you'll get from rs).
Without any preview or further information I'll never download a file, unless I know the site where it comes from or the title.

I'll download almost everything via Free Download manager, only have to enter the links there.
If a vid/set isn't as good as the preview promises I delete it.

Monkey D. Ruffy

It is worth noting that you can detect a phisher link because they use spoofing, i.e. the link says one thing but you end up someplace else. If you roll your mouse over the link and the address as posted is different then the address displayed in the lower left taskbar of your browser, that is spoofing. And there is only one reason for posting a deceptive link, namely to scam you.

So roll your mouse over the posted link, look at the info in the bottom left of your browser that displays the actual link, and if the two addresses are not the same, it is spoofing. And the only good reason for spoofing is to commit a phishing act.

Monkey D. Ruffy wrote:
I thought you said that you ended up on the phishing page even with direct download?

Without direct download, I don't have to log in either, as log as I am already logged in and remembered. I only have to choose the "premium" path. It leads to an information page, and then to the download. If it is phishing, I get to that page after I choose the premium download.

I am dying to see a fake phishing link now. It has to stand out like a sore thumb since the format changes.

Monkey D. Ruffy wrote:
Unless it is zipped, t will tell you the movie format. Some video file formats aren't worth the effort.

Monkey D. Ruffy wrote:
A picture may be worth a thousand words but a single screen cap image really doesn't say all that much about the movie. I hate it when the one-and-only preview picture for a "hot" webcam video contains no nudity.

I seldom download when there isn't any any attempt at a preview. Some people get all excited over nothing.

Every now and then I take a chance and come out a winner.

AKAbob wrote:

I've had a collection of phishing sites, but they fortunately die pretty soon.

Here's one of the newest active (posted few days ago):

Code:

http://anonym.wrzhaven.com/rs/

Beware everybody: It's a phishing link! Don't enter your real login information!

You can play a little with this url (if you know what I mean ).

Yeah some formats suck (e.g. flv).

Monkey D. Ruffy