I entered a phishing site yesterday.
Ghostman
SimsHost Champion
Joined: 03 Jul 2006
Posts: 417
Location: Venezuela
Posted: Wed Nov 29, 2006 9:08 pm
I was browsing the GameFAQs message board and I got a link that supposedly "logged me out" from the page and presented me with a page that looked identical to the original, waiting for my data to log in. I was aware of it and didn't give away my account info, but apparently that site was able to steal my cookies. I changed my password quickly and managed to keep my accounts. What exactly happened there? How do I protect myself from cookie-stealer sites?

_________________
David D.
Re: I entered a phishing site yesterday.
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Posted: Wed Nov 29, 2006 11:25 pm
Ghostman wrote:
I was browsing the GameFAQs message board and I got a link that supposedly "logged me out" from the page and presented me with a page that looked identical to the original, waiting for my data to log in. I was aware of it and didn't give away my account info, but apparently that site was able to steal my cookies. I changed my password quickly and managed to keep my accounts. What exactly happened there? How do I protect myself from cookie-stealer sites?


Your web browser is *supposed* to be programmed to deliver cookies only to the domain that created them. The only way I can think of for that to happen would be if GameFAQs sent the content of the cookies to the other site.

How do you know that it stole your cookies?

Do you allow your web browser to autocomplete forms? That would be another way that the site could get information you didn't expect them to have.

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
Ghostman
SimsHost Champion
Joined: 03 Jul 2006
Posts: 417
Location: Venezuela
Posted: Wed Nov 29, 2006 11:38 pm
Nope, GameFAQs certainly didn't do that; in fact, the phishing place was shut down by them quickly. And the cookie stealing was a rumor; I am not exactly sure what happened there. I got suspended (which led me to believe that my account had been hijacked) but later I got back my original status. I asked the moderators what happened and they told me I had been suspended by accident. It was total chaos there yesterday; every baited account was used to repost the link and get more accounts baited. The administrator promptly sent a system notification to everyone there and the actual damage was minimal, just 4 baited accounts and a lot of people with panic attacks. I use Firefox, and I should disable the auto-fill option.

The funny thing is that no money is involved in any of the accounts of that place, whoever did that did it only for the joy of annoying others.

_________________
David D.
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Posted: Thu Nov 30, 2006 12:01 am
Yet another example of where we need to pour some chlorine into the gene pool!

And yup, it would be a very good idea to disable autocomplete.

Autocomplete was a nuisance for us for a while. People were writing in anger, asking how we had all that personal information about them when they created a SimsHost account. We had to write back to explain to them that it was their web browsers being overly helpful. Some of the autocomplete routines are sophisticated enough to figure out our whole signup form!

Scotty tweaked the code so that now the system isn't so likely to accept inputs from autocomplete.

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
miros1
Lone Surviving Sims 1 Holdout
Joined: 05 Sep 2004
Posts: 5348
Location: NY State
Posted: Thu Nov 30, 2006 4:41 am
It is possible for the web browser to return cookies that it shouldn't.

I know it will return cookies for one site to another site if they're requested by domain name. I'm not sure if it can just grab all your cookies or not.

In Ghostman's case, they were snagging the cookies specifically for GameFAQs, so they knew exactly what they were looking for.

_________________
Rose/Miros
Webmistress, the Wooden Simolean
http://www.woodensimolean.simshost.com
The Wooden Simolean is a SimsHost subscriber supported site
Greg
Anja's Sock Puppet
Joined: 30 Aug 2004
Posts: 6672
Location: Happy Valley
Posted: Thu Nov 30, 2006 9:26 am
miros1 wrote:
It is possible for the web browser to return cookies that it shouldn't.

I know it will return cookies for one site to another site if they're requested by domain name. I'm not sure if it can just grab all your cookies or not.

In Ghostman's case, they were snagging the cookies specifically for GameFAQs, so they knew exactly what they were looking for.


It's not supposed to work that way. The browser should return cookies only to the domain that set them.

_________________
Greg
Webmonster
Moon Sims ~ SimsHost ~ Ultimate Sims List
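
The rule discussed in this thread, that a browser returns a cookie only to the domain that set it, is specified in RFC 6265 (sections 5.1.3 and 5.4). The sketch below is an added example, not part of the original posts or of any browser's code; it implements that matching rule, leaving out path and expiry checks. The hosts `forum.example` and `forum.example.evil.test`, the cookie names and the function names are all constructed for illustration.

```javascript
// Added illustration of RFC 6265 cookie scoping. All hosts and cookies are constructed.

function isIpAddress(host) {
  return host.includes(':') || /^\d{1,3}(\.\d{1,3}){3}$/.test(host);
}

// RFC 6265 section 5.1.3: identical, or a suffix preceded by a dot (never for IP addresses).
function domainMatch(host, cookieDomain) {
  const h = host.toLowerCase();
  const d = cookieDomain.toLowerCase().replace(/^\./, '');
  if (h === d) return true;
  if (isIpAddress(h)) return false;
  return h.endsWith('.' + d);
}

// RFC 6265 section 5.4: a cookie set without a Domain attribute is host-only
// and goes back to the exact host that set it; Secure cookies need HTTPS.
function cookieApplies(cookie, requestHost, isHttps) {
  if (cookie.secure && !isHttps) return false;
  if (cookie.hostOnly) return requestHost.toLowerCase() === cookie.domain.toLowerCase();
  return domainMatch(requestHost, cookie.domain);
}

// Names of the cookies a browser following the RFC would attach to a request.
function cookiesFor(jar, requestHost, isHttps) {
  return jar.filter((c) => cookieApplies(c, requestHost, isHttps)).map((c) => c.name);
}

// Constructed cookie jar for a fictional message board.
const jar = [
  { name: 'session', domain: 'forum.example', hostOnly: false, secure: false },
  { name: 'prefs', domain: 'www.forum.example', hostOnly: true, secure: false },
  { name: 'auth', domain: 'forum.example', hostOnly: false, secure: true },
];

// The real site and its subdomain versus two lookalike hosts.
const hosts = ['www.forum.example', 'boards.forum.example',
  'forum.example.evil.test', 'notforum.example'];
for (const host of hosts) {
  console.log(host, cookiesFor(jar, host, true));
}
```

Both lookalike hosts receive an empty list: a name that merely contains or resembles the real domain does not domain-match it, so a copy of the login page hosted elsewhere gets only what the visitor types into it.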
All times are GMT - 5 Hours  