Posted: 3/29/2006 1:23:26 PM EDT
I get this email from "Chase Online" with the subject of "New Message from Chase Online(SM)"

I don't have an account with them, and this is obviously phishing.

So I click their "Login Here" link that ends up getting a redirect that then sends me to an IP based site, not a Chase site.

It asks me to login - so I login with the username "fuckyou" and password of "asshole" - it "lets" me actually "login" of course, and then asks me to provide my info like name, account number, SSN, account #, pin#, security id# - so I enter totally bogus info - which it accepts and thinks it has some idiot entering legit info which is now going to be hacked. It thanks me, then shoves me off to the real Chase site.

I suggest everyone do the same, and put in "almost" correct info. If everyone did this, when these dingleberries try to hack, the alarms will sound that someone is hacking away and maybe, eventually, these scumbags will cease. The problem is that only stupid people respond to these emails and enter real info, which passes through the system cleanly as it robs them.

It was fun to login with bullshit credentials... just shows how bogus the site is.

Here - you try it if you dare... copy and paste this into your browser:
http://218.97.252.39/.jpmorgan/index.php?WduaW5fcGFnZUx=aW5kZXgucGhwP3Byb3NwZWN0X25mcGI9dHJ1ZXBvcnRsZ­XRfc2lnbmluXzFfYWN0aW9uT3ZlcnJpZGVGY2hhc2Vvbm­xpbmVGc2lnbmluRnZlcmlm

Login as Elmer Fudd or your favorite cartoon character, with any password you like...

Load their database full of stupid shit. These asswipes piss me off.
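A static check for the warning signs this post describes (a bare IP address as the host, a bank name that appears only in the path), written as an added example that is not part of the original thread. It reads the link as text and never connects to the host. The brand table and the name `triage` are assumptions of the example, and the sample link is the one from the post with its query string left off.

```python
import ipaddress
from urllib.parse import urlsplit

# Link from the post above, query string omitted.
SAMPLE = "http://218.97.252.39/.jpmorgan/index.php"

# Hypothetical brand table for this example: token -> domains the brand really uses.
BRANDS = {"chase": {"chase.com"}, "jpmorgan": {"jpmorgan.com", "jpmorganchase.com"}}

def triage(url):
    """Return static warning signs for a link without fetching it."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    flags = []
    try:
        ipaddress.ip_address(host)
        flags.append("ip-literal-host")        # a bank links to a name, not a bare IP
    except ValueError:
        pass                                   # host is a DNS name
    if parts.scheme != "https":
        flags.append("no-tls")
    segments = [s for s in parts.path.split("/") if s]
    if any(s.startswith(".") for s in segments):
        flags.append("hidden-directory")       # dot-directory, hidden from plain listings
    # Look for brand tokens in host and path only; the query may hold encoded noise.
    haystack = (host + parts.path).lower()
    for token, domains in BRANDS.items():
        on_brand = any(host == d or host.endswith("." + d) for d in domains)
        if token in haystack and not on_brand:
            flags.append("brand-off-domain:" + token)
    return flags

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Hosts written as a single decimal or hexadecimal number are not caught by `ipaddress.ip_address` and would need their own check.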
Link Posted: 3/29/2006 1:29:51 PM EDT
While I appreciate the idea, for some reason I don't want my PC to be connected to their machine - you never know if they aren't trying to hack into the machine looking for other info while you're filling out their form.
Link Posted: 3/29/2006 1:51:18 PM EDT
[Last Edit: 3/29/2006 1:52:09 PM EDT by Hedonist]
I understand the average PC user's concern. I'm a little more than an average user so I do not fear too much. I've owned a computer network support firm for 12 years, and was lead tech for many years prior to that. We're the guys who implement protection every day, over and over again.

Keep your service packs up to date, and do not allow anything to be installed without your approval. If these folks can reach into your PC, they don't need you to type it in online to steal from you. There are other issues, but in this case it's just an email directing you to a website which hopes you'll give them useful info.

They don't want to leave much evidence behind, they only want what you type in as being given to them - not taken.
Link Posted: 3/29/2006 2:07:03 PM EDT
Active Whois 2.6.4145
Wed, 29 March 2006 17:05:17 -0600 (Central Standard Time)
Looking for 'http://218.97.252.39/.jpmorgan/index.php?WduaW5fcGFnZUx=ldGFpbHNfd2luZG93TGFiZWxfcG9ydGxldF9zaWduaW5f­cGFnZUxhYmVsX3BhZ2Vfc2lnbmluJlVzaW5nU1NMPTEmd­XNlcj08P2VjaG8gJHVzZXI&user=&pass='

218.97.252.39 - host alive, connection speed 312ms
No DNS record found

---
No domain given

---
IP address:
Looking for '218.97.252.39'

Server 'whois.apnic.net' reply [1648 bytes in raw data]:

inetnum: 218.97.252.0 - 218.97.252.255
netname: slsdej
country: CN
descr: The Second Engineering Bureau of China Water conservancy and electricity
descr: National Internet Registry
descr: West Street Dingfuzhuang
admin-c: HW37-AP
tech-c: HW37-AP
status: ASSIGNED NON-PORTABLE
changed: wangxl@sinnet.com.cn 20040304
mnt-by: MANT-CN-SINNET
source: APNIC

person: Huijing Wang
nic-hdl: HW37-AP
e-mail: hjwang@sinnet.com.cn
address: 2/F,TowerA,East Plaza,No.9 DongZhong Street,Dongcheng District,Beijing
phone: +86-10-64181150
fax-no: +86-10-64181819
country: CN
changed: wangxl@sinnet.com.cn 20040213
mnt-by: MAINT-NEW
source: APNIC

inetnum: 218.97.252.0 - 218.97.252.255
netname: slsdej
country: CN
descr: The Second Engineering Bureau of China Water conservancy and electricity
descr: National Internet Registry
descr: West Street Dingfuzhuang
admin-c: HW37-CN
tech-c: HW37-CN
status: ASSIGNED NON-PORTABLE
changed: wangxl@sinnet.com.cn 20040304
mnt-by: MANT-CN-SINNET
source: CNNIC

person: Huijing Wang
nic-hdl: HW37-CN
e-mail: hjwang@sinnet.com.cn
address: 2/F,TowerA,East Plaza,No.9 DongZhong Street,Dongcheng District,Beijing
phone: +86-10-64181150
fax-no: +86-10-64181819
country: CN
changed: wangxl@sinnet.com.cn 20040213
mnt-by: MAINT-NEW
source: CNNIC



---
HTTP HEAD for url: http://218.97.252.39/.jpmorgan/index.php?WduaW5fcGFnZUx=ldGFpbHNfd2luZG93TGFiZWxfcG9ydGxldF9zaWduaW5f­cGFnZUxhYmVsX3BhZ2Vfc2lnbmluJlVzaW5nU1NMPTEmd­XNlcj08P2VjaG8gJHVzZXI&user=&pass=

200 OK
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2006 23:28:55 GMT
Server: Apache/2.0.40 (Red Hat Linux)
Accept-Ranges: bytes
X-Powered-By: PHP/4.2.2
Connection: close
Content-Type: text/html; charset=ISO-8859-1
---
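Reading a reply like the one above for an abuse report, as an added example that is not part of the original post: the `inetnum` object names the network the address belongs to, and its `admin-c` handle points to the registered contact for that network, which is who a takedown report goes to. The excerpt is trimmed from the reply quoted above; the function names are assumptions of the example.

```python
import ipaddress

# Excerpt of the APNIC reply quoted in the post above (attributes trimmed).
REPLY = """\
inetnum: 218.97.252.0 - 218.97.252.255
netname: slsdej
country: CN
admin-c: HW37-AP
mnt-by: MANT-CN-SINNET
source: APNIC

person: Huijing Wang
nic-hdl: HW37-AP
e-mail: hjwang@sinnet.com.cn
source: APNIC
"""

def parse_objects(text):
    """Split a reply into objects: blank-line separated, 'key: value', keys may repeat."""
    objects, current = [], {}
    for line in text.splitlines() + [""]:
        if not line.strip():
            if current:
                objects.append(current)
            current = {}
        elif ":" in line and not line.startswith(("%", "#")):
            key, value = line.split(":", 1)
            current.setdefault(key.strip().lower(), []).append(value.strip())
    return objects

def report_target(text, ip):
    """Find the inetnum object covering ip and resolve its admin-c handle to e-mails."""
    objects = parse_objects(text)
    addr = ipaddress.ip_address(ip)
    handles = {h: o for o in objects for h in o.get("nic-hdl", [])}
    for obj in objects:
        for rng in obj.get("inetnum", []):
            first, last = (ipaddress.ip_address(p.strip()) for p in rng.split("-"))
            if first <= addr <= last:
                contact = handles.get(obj.get("admin-c", [""])[0], {})
                return {"range": rng, "netname": obj.get("netname", [""])[0],
                        "maintainer": obj.get("mnt-by", [""])[0],
                        "emails": contact.get("e-mail", [])}
    return None  # the reply does not cover this address
```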


Link Posted: 3/29/2006 2:15:37 PM EDT
I get the exact same emails, and I don't have a Chase account either. At the bottom of the first email I received there was an 800 number which I called. It was actually a Chase # which started with an automated message stating that these emails were bogus. I am still getting them occasionally--- so hell yeah I will F with em too
Link Posted: 3/29/2006 2:35:00 PM EDT

Originally Posted By AlreadyThere:
Active Whois 2.6.4145
Wed, 29 March 2006 17:05:17 -0600 (Central Standard Time)
Looking for 'http://218.97.252.39/.jpmorgan/index.php?

<Snipped for space>





Above you will find more of an investigation than I have ever seen to figure out who is responsible.

LEOs are clueless, and the banks just write off the losses. Meanwhile Mr. Wang in China is bilking. This is financial terrorism.
Link Posted: 3/29/2006 2:38:37 PM EDT
[Last Edit: 3/29/2006 2:38:55 PM EDT by California_Kid]
First, I figure out what part of the world their server is located in, then I send appropriate insults.

If it's Asia, I fill out the fields with "Asians have tiny penises".
Link Posted: 3/29/2006 2:39:55 PM EDT
Now THAT'S what I'm talking about.

Good job!
Link Posted: 3/29/2006 2:39:59 PM EDT

Originally Posted By Forest:
While I appreciate the idea, for some reason I don't want my PC to be connected to their machine - you never know if they aren't trying to hack into the machine looking for other info while you're filling out their form.

+1! I guarantee they back hack!
Link Posted: 3/29/2006 2:44:34 PM EDT

Originally Posted By jpman7:

Originally Posted By Forest:
While I appreciate the idea, for some reason I don't want my PC to be connected to their machine - you never know if they aren't trying to hack into the machine looking for other info while you're filling out their form.

+1! I guarantee they back hack!




Let 'em hack at me for a while, at least they'll be busy for a long time.
Link Posted: 3/29/2006 2:48:07 PM EDT

Originally Posted By Hedonist:

Originally Posted By jpman7:

Originally Posted By Forest:
While I appreciate the idea, for some reason I don't want my PC to be connected to their machine - you never know if they aren't trying to hack into the machine looking for other info while you're filling out their form.

+1! I guarantee they back hack!




Let 'em hack at me for a while, at least they'll be busy for a long time.


That's true but I don't have a proxy server set up.
Link Posted: 3/29/2006 2:49:43 PM EDT
How do you do this?


Originally Posted By AlreadyThere:
Active Whois 2.6.4145
Wed, 29 March 2006 17:05:17 -0600 (Central Standard Time)
Link Posted: 3/29/2006 2:52:29 PM EDT
[Last Edit: 3/29/2006 2:52:52 PM EDT by jpman7]

Originally Posted By Zippy_The_Wonderdog:
How do you do this?


www.netsol.com
click WHOIS