收到钓鱼邮件和网站大家怎么把它玩坏 - 未名空间MITBBS历史存档

国际科技财经博客移民网络热点娱乐民生时事公众号

Redian新闻

>未名空间

>PhotoGear - 摄影器材

收到钓鱼邮件和网站大家怎么把它玩坏

收到钓鱼邮件和网站大家怎么把它玩坏# PhotoGear - 摄影器材

f*a2016-12-08 08:12

1 楼

report abuse to [email protected]/* */;
[email protected]/* */;
[email protected]/* */
someone is using your server hosting a phishing website to fake paypal and
steal information.
The domain name is paid-your.com
RT
收到钓鱼邮件和网站大家怎么把它玩坏
这个网站是钓鱼的假paypal网，大家有什么办法把它黑了，或是玩坏它。不要用真实信
息。
请谨慎访问，千万不要输入真实信息
https://paid-your.com/
研究一下他们的钓鱼和伪造技术，然后abuse 它的流量和空间，做个script给他输入大
量假信息，要他一个个验证，浪费它的时间。或是想办法找漏洞，把它的vps 服务器黑
了。
XXXXXX, thanks for using PayPal checkout!

You paid $98.27 USD to
EZ-LINK SYSTEMS INC.
Thanks for using PayPal, [email protected]/* */
Login Now
Payment details
For your purchase on December 5, 2016
Details
Email Bussines - Invoice #7201
$98.72 USD
Subtotal
$98.72 USD

Total
$98.72 USD

Paid with
MasterCard x-2707

If this was not you, Please Review your account to avoid fraud on your
account

Ship to
XXXXXX
777 Dunbar St
Rochester, NY 14619
UNITED STATES OF AMERICA

Merchant details
INFO-LINK SYSTEMS INC.
[email protected]/* */
207-936-7207

Please do not reply to this email. To get in touch with us, click Help &
Contact.
Copyright © 1999-2016 PayPal. All rights reserved.PayPal PPC000998:b7

D*32016-12-08 08:12

2 楼

被骗了？

f*a2016-12-08 08:12

3 楼

还好，差点家人中招。
我老早养成了收到任何email和打开任何网站link前看源码的习惯了

【在 D***3 的大作中提到】

: 被骗了？

f*a2016-12-08 08:12

4 楼

科普一下，钓鱼link很好识别。
打开网页在浏览器上看它的full url，一般都有https ssl 的加密协议，点https左边
的锁看certificate 是原网站的，还有确定域名是不是官方的。这些都是很显而易见的
。

f*a2016-12-08 08:12

5 楼

SSL certificate
Someone from domain name paid-your.com is using your issuing certificate to
hosting a phishing website to fake paypal and steal information.
The remote computer
2.23.140.1.2.1
1.3.6.1.4.1.44947.1.1.1
issued to: paid-your.com
issued by: Let's Encrypt Authority X3
Valid from 12/7/2016 to 3/7/2017
Please check attach certificate info.