Digg Phishing Scam Exposed After Twitter

Follow us on Twitter

Hackers didn’t just stop at the Twitter Phishing Scam that we saw few days back. Now They are after the social news site - Digg!

A Digg copycat site - http://567gu.com/ has been leaked which looks and functions exactly like digg. But the only difference is when you will login to digg the story, your password will be sent to the hacker who will completely mess your account up.
How Does it Work?

You may receive messages via IM or via digg itself containing a link to a particular story. Sometimes we get so many of these everyday that we hardly look at the URL of the story. If its anything other than “digg.com“, I’d advice you not to click it.

Be particularly careful when someone gives you a link with a URL Shortening service like Tiny URL. Those can really fool you big time. For example, Check this out — http://tinyurl.com/6vjavf

If I randomly give you this link, you will open it without noticing the ‘address bar’. This is a FAKE digg page.

Since the page looks exactly like digg, its very easy for you to get fooled. I feel that this is even dangerous than the Twitter Phishing because - a social news site like digg involves more sharing of links. If you are active on Digg, I bet you have a lot of friends in your IM (e.g. Google Talk, AIM). One of them might be the Scammer who would want to pass you a fake digg page and ask for a digg. If you are careless and actually try to login and digg his post, he will get access to your actual digg account and use it for his own benefit.

So be aware! Pass this news to all your friends, because if they can compromise one of their accounts they might actually use their account to send the phishing message to you. And since you trust your friend, you might not actually bother to look at the address bar.

Here is the Whois Information

Registrant:
Organization : su yue bian
Name : suyuebian
Address : shanghaipudongtangqiao19B
City : shanghaishi
Province/State : Shanghai
Country : CN
Postal Code : 361009

Source: http://www.networksolutions.com/whois-search/567gu.com

The fake twitter site also has a similar whois info - Shanghai, China. Interesting!

Reprinted from Saad Kamal

Armen Hareyan's picture

Posted January 7th, 2009 by Armen Hareyan

Receive HULIQ News in Email:

Subscribe in a reader