11-27-2018, 01:24 PM
Today i came to know a phishing site from an article on a renowned security blog that was talking about how sophisticated phishing site makers have become lately. it was a url that looked almost like the original site url except it had a curious mark over the i. Not a dot but a comma there.
We have a bank: SBI. I thought what if someone made a phishing site with that letter in place of i. We usually look for https padlock and the url. But i guess even i could easily miss that..i say "even i" cause i am hyper paranoid. If i get fooled i am sure many regular folks will get it wrong if not most.
So i decided to do a little survey kind of thing and post the url here openly asking people whether they can see the difference from the original url.
As a result i got a 30 percent warning... as a member and wellwisher of this community, i would like to point out that it was a bad use of the forum rules here.
I didn't hide that it was a phishing site. Also i was not trying to get people into trouble.
Winning a vps is not the most important thing here...it is my reputation. How i appear in the eyes of my friends and peers around here is what at stake here.
I appealed our founder and the staff responsible ..hope they see my point and respond. Here is the text.
Please pardon the mistakes in english. Thanks.
I posted cause people are not aware of punycode and internationalized domains. They make phishing site urls look so similar to the original. So it was the start of an effort to increase awareness... it is not like i didnt mention that one of them was a phishing site and copy of the other...
Also is it not better to work against and talk about phishing than to do hush hush.
( edit..The punishment feels like ) Like carpet bombing or like getting killed by swatting.
Here in india, most of us are taught to not talk about sex and sexual organs. I dont think that has helped much when it comes to sexual crimes and women safety.
Not saying bad words, being gentle and polite wont help you when you are in trouble from one who does. I think it is better to know what to expect and prepare for it. Also many phishing sites are increasingly using https and showing green padlock in the process. So we need to raise awareness.
The rule is here so people do not promote bad things. But writing to raise awareness and promoting are not the same thing...
I would very much appreciate if you guys reconsider the warning.
Thanks.
Rudra..
We have a bank: SBI. I thought what if someone made a phishing site with that letter in place of i. We usually look for https padlock and the url. But i guess even i could easily miss that..i say "even i" cause i am hyper paranoid. If i get fooled i am sure many regular folks will get it wrong if not most.
So i decided to do a little survey kind of thing and post the url here openly asking people whether they can see the difference from the original url.
As a result i got a 30 percent warning... as a member and wellwisher of this community, i would like to point out that it was a bad use of the forum rules here.
I didn't hide that it was a phishing site. Also i was not trying to get people into trouble.
Winning a vps is not the most important thing here...it is my reputation. How i appear in the eyes of my friends and peers around here is what at stake here.
I appealed our founder and the staff responsible ..hope they see my point and respond. Here is the text.
Please pardon the mistakes in english. Thanks.
arsalahmed786 Wrote: Wrote:Dear rudraI am appealing to you guys against the punishment. (If it is not a punishment then a warning is ok i guess. Even though it still feels bad. I have never been warned on any sites so far. )
You have received a warning from the staff of Post4VPS Forum | Free VPS Provider.
--
You've received warning level 30% for a month because of sharing phising site which is against forum rule #14
--
You can't participate in any giveaway until your warning level expire.
I posted cause people are not aware of punycode and internationalized domains. They make phishing site urls look so similar to the original. So it was the start of an effort to increase awareness... it is not like i didnt mention that one of them was a phishing site and copy of the other...
Also is it not better to work against and talk about phishing than to do hush hush.
( edit..The punishment feels like ) Like carpet bombing or like getting killed by swatting.
Here in india, most of us are taught to not talk about sex and sexual organs. I dont think that has helped much when it comes to sexual crimes and women safety.
Not saying bad words, being gentle and polite wont help you when you are in trouble from one who does. I think it is better to know what to expect and prepare for it. Also many phishing sites are increasingly using https and showing green padlock in the process. So we need to raise awareness.
The rule is here so people do not promote bad things. But writing to raise awareness and promoting are not the same thing...
I would very much appreciate if you guys reconsider the warning.
Thanks.
Rudra..
Sincere Thanks to VirMach for my VPS9. Also many thanks to Shadow Hosting and cubedata for the experiences I had with their VPSs.