home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Freaks Macintosh Archive
/
Freaks Macintosh Archive.bin
/
Freaks Macintosh Archives
/
Textfiles
/
aol
/
AOLScam.txt
< prev
next >
Wrap
Text File
|
1999-03-29
|
4KB
|
69 lines
TSK Security Brief - - 26mar99
AOL Logon/Password Scam
___________________________________________
ØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØ
T*S*K T*S*K
The Shadow Knights Security Corp.
T*S*K T*S*K
http://www.ShadowGovt.net
___________________________________________
ØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØØ
Brief written by - - The Phantom x^\|/^x
http://server.com/WebApps/byo.cgi?id=5101
http://server.com/WebApps/byo.cgi?id=5102
http://server.com/WebApps/byo.cgi?id=5103
http://server.com/WebApps/byo.cgi?id=5104
http://server.com/WebApps/byo.cgi?id=5105
http://server.com/WebApps/byo.cgi?id=5106
The above links are from a scam e-mail that has been sent to who knows how many AOL members. The
setup is fairly elaborate and is a little harder for the common AOL user to detect then most AOL
E-mail scams. Because most AOL users are not familiar with the 'real' Internet the scam has
probably collected at least 80% of the logon/password combos it has set out to snatch. Though I
am not sure to the extent off the scam, I do know that this is yet another attempt at a breach in
AOL security thanks to a little Social Engineering. I received the e-mail via BCC from
Pitwell@aol.com . The scam includes a subject of 'AOL Internet Accelerator' and the body
contains claims of faster Internet access IF you give your logon/password combo. Body of
message also includes details about the Personal Filing Cabinet and gives a Keyword where you
can go to change your password. These scams will only continue if ignorance seems never to
subdue. Please, if you are an AOL user (like myself) never, ever, EVER giveaway your account
information to an unauthorized source. AOL Staff will NEVER ask for your password to your
Logon account. Below is the exact text of the scam e-mail (A).
I have checked out the supposed links above and they look to be from a free CGI Scripting
Service. The BYO Forms (Build Your Own Forms from the WebApps Service) are available at no cost
unless of course you wish the advertisement banner (which is included in the free service) not to
be shown.
In an attempt to chat with 'John Cuber' (assuming that is his real name), AKA Pitwell@Aol.com,
I was denied any communication. I have attempted multiple e-mails and still have not been able
to reach him. If you do receive this scam or similar scam e-mail, forward all the scam e-mails
to TOSEMail1@aol.com .
Webmaster@ShadowGovt.net -
TSK Security Corporation - http://www.ShadowGovt.net
KnightNews Network - http://www.HackerNews.net
(A).
"Dear Member,
Storing your sign-on password can make web surfing faster! A password for your Personal Filing
Cabinet protects its contents by making it necessary to enter a password each time your PFC is
accessed. We recommend that you use the same password for both. You can only store passwords
for the account with which you are currently signed on. NOTE: Storing passwords does not
change your sign-on password. To change your sign-on password, go to Keyword: Password.
We are currently introducing new web surfing technology that allows faster surfing by storing
your password on the Internet. Each time you go to a web site your browser checks your
password to make sure you are currently signed on. Storing your password will make surfing
faster & easier and you will experience speeds 250% faster then your current.
Click Here To Store Your Internet Password Today!
Sincerely,
John Cuber"