almost fell for a phishing email

20 comments, last by Dragonsoulj 8 years, 7 months ago

Look, slicer4ever, let’s end this silly game.

Just give me your PayPal account information and I will stop sending you these e-mails. You can’t hold out forever…

L. Spiro

We will split the profits.


I had a phishing email address me by name last week, e.g. rather than "dear customer" it said "dear <my name>", not only that but they used the right account details.

A lot of people might fall for that. Ugh, targeted attacks...


and not the actual .com address (what is this part of an address called anyway?)

I didn't see this answered for you. Top Level Domains are what the ".com", ".net" (as in GameDev.net), ".org", etc are called.

Yep, StarCraft II has them too. They keep sending me emails to click their link because I'm trying to sell a WoW account. I don't have that account, pff.


and not the actual .com address (what is this part of an address called anyway?)

I didn't see this answered for you. Top Level Domains are what the ".com", ".net" (as in GameDev.net), ".org", etc are called.

You can rent your own tld for only $10k a year.

Looks like they don't really check what you're doing either...

.paypal here we come... :)


Another shield should be protecting you even if you screw up and click, the SSL certificate won't be to PayPal's name.

There are two problems with this line of thinking though, assuming you failed to recognize the phishing attempt from the URL alone:

1. if the phishing link sends you to an HTTP endpoint, and you forget to check that the green padlock is missing (if you actually check that, you probably are also checking the URL), you're fucked

2. if the adversary actually has a valid and legitimate-looking SSL certificate to his phishing website (and, yes, it can be done; turns out many CAs don't really do in-depth verification besides domain ownership), and you don't check that the certificate is actually owned by the legitimate PayPal entity (which is actually about the same amount of work as checking the URL), you're fucked

The best defense against phishing attacks, really, is to use bookmarks, and not click random links from emails, or if you must, spend a few seconds scanning the URL to verify it's actually sending you to the right place. And also, it's probably okay to ignore SSL certificate warnings from some random website you just found on Google search, but you probably want to think twice if your browser is telling you your bank's certificate is invalid!

“If I understand the standard right it is legal and safe to do this but the resulting value could be anything.”

Look, slicer4ever, let’s end this silly game.
Just give me your PayPal account information and I will stop sending you these e-mails. You can’t hold out forever…


L. Spiro

Ah, I thought so, the "L. Spiro" at the bottom of that email seemed very familiar. Unfortunately I think you'll be disappointed with my financials though.

and not the actual .com address (what is this part of an address called anyway?)


I didn't see this answered for you. Top Level Domains are what the ".com", ".net" (as in GameDev.net), ".org", etc are called.

Ah thanks, I was always curious about what to call that part.

Check out https://www.facebook.com/LiquidGames for some great games made by me on the Playstation Mobile market.

This forum has historically attracted quite smart people from the game/tech industry, so I am highly surprised to hear that the OP almost fell for a phishing scammer. I personally avoid such situations with a custom Google script I wrote that sends all of my emails straight into the goddamn trash.

I always type URLs manually, especially for sensitive sites. It's a bit more work, but at least you don't go to places you didn't enter.

Until you mis-type and end up on a scam site like paypla.com set up for just that purpose.

Until you mis-type and end up on a scam site like paypla.com set up for just that purpose.

That's what the ".cm" domain name is for. :)
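
The checks discussed in this thread (read where a link really goes, do not treat the padlock as proof of identity, watch for typo domains such as paypla.com and swapped TLDs such as .cm) can be applied to links before anyone clicks them. The following is an added example, not code posted by anyone in the thread; the `TRUSTED` list, the `check_link` name and the 0.8 similarity threshold are assumptions, and the sample URLs are constructed.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Assumption: the domains you actually do business with (your "bookmarks").
TRUSTED = ("paypal.com", "gamedev.net")


def check_link(url, trusted=TRUSTED, threshold=0.8):
    """Classify a link taken from an email.

    Returns (verdict, detail); verdict is one of
    'trusted', 'not-https', 'lookalike', 'unknown'.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    # Accept only the exact domain or a true subdomain of it.
    # A substring test would wrongly accept paypal.com.example.org.
    owner = next((d for d in trusted
                  if host == d or host.endswith("." + d)), None)
    if owner:
        # HTTPS is necessary but not sufficient: a certificate may only
        # prove control of a domain, so the host check above comes first.
        if parts.scheme != "https":
            return ("not-https", owner)
        return ("trusted", owner)
    # Compare the last two labels with each trusted domain to catch
    # typos (paypla.com) and TLD swaps (paypal.cm).
    base = ".".join(host.split(".")[-2:])
    for d in trusted:
        if SequenceMatcher(None, base, d).ratio() >= threshold:
            return ("lookalike", d)
    return ("unknown", host)


if __name__ == "__main__":
    # Constructed sample links.
    for u in ("https://www.paypal.com/signin",
              "http://www.paypal.com/signin",
              "https://paypla.com/",
              "https://paypal.cm/login",
              "https://paypal.com.example.org/"):
        print(u, "->", check_link(u))
```

A "lookalike" or "unknown" verdict is the case where the link should be ignored and the site opened from a bookmark instead.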
