Here’s a good scam!
Very nicely done, they only messed up in a few places.
Normally when you get a phishing attempt, from “ebay” or whoever, the fastest way to tell is to hover on the URL and see that it really links to “www.scammerhome.net”. This one avoids that, by using a cleverly crafted ebay “About me” page.

You can see it live at:
http://members.ebay.com/ws/eBayISAPI.dll?ViewUserPage&userid=Inssommia&JBR_W0QQitemZ26036QQssPage36QQssPageNameZWDVWQQrdZ1QQcmdViewItem&item=28011654654
DO NOT TYPE YOUR real DETAILS IN! Make something up.
Take a look at the top bar of the browser page, and then do a ‘hard refresh’ (Ctrl-F5 in Firefox) and watch the slightly freaky way the page reloads.

It’s been very neatly done using a set of images and, looking at the source, there is no JavaScript used at all!
The log-in (enter fake details) takes you to an ebay themed page, where they forgot to re-write the URL to ebay – it goes to http://plymouth.rtcubed.net/.download/secure/ which tries to get you to download some file with the name referenced in the email.
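A check that catches what the hover test misses, as an added example (not part of the original post): list every form action, link and image on a page that leaves the trusted domain, even though the page itself is served from it. The sample HTML, the example.net and example.org hosts and all function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit
# Constructed sample: a page served from the trusted host that sends input elsewhere.
PAGE_URL = "http://members.ebay.com/ws/eBayISAPI.dll?ViewUserPage&userid=example"
SAMPLE_HTML = """
<img src="http://images.example.net/header.png">
<a href="/help/">Help</a>
<form method="post" action="http://collector.example.net/secure/">
  <input name="userid"><input type="password" name="pass">
</form>
<a href="http://ebay.com.signin.example.org/">Sign in</a>
"""
URL_ATTRS = {"form": "action", "a": "href", "img": "src", "iframe": "src"}
class TargetCollector(HTMLParser):
    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.targets = []   # [tag, absolute URL, form has a password field]
        self._form = None   # entry of the form currently open, if any

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "input" and self._form and (attrs.get("type") or "").lower() == "password":
            self._form[2] = True
        attr = URL_ATTRS.get(tag)
        if attr:
            # Relative URLs (and a missing form action) resolve against the page URL.
            entry = [tag, urljoin(self.base_url, attrs.get(attr) or ""), False]
            self.targets.append(entry)
            if tag == "form":
                self._form = entry

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None

def in_domain(url, trusted):
    # Exact host or a subdomain; "ebay.com.signin.example.org" does not match.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)

def off_domain_targets(html, page_url, trusted):
    parser = TargetCollector(page_url)
    parser.feed(html)
    web = [t for t in parser.targets if urlsplit(t[1]).scheme in ("http", "https")]
    return [tuple(t) for t in web if not in_domain(t[1], trusted)]

if __name__ == "__main__":
    print(off_domain_targets(SAMPLE_HTML, PAGE_URL, "ebay.com"))
```

An off-domain form with a password field is the strongest signal here; off-domain images alone are common on legitimate pages.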

If anyone wants to take a look and report back what the payload is, I’d be interested.
(Bonus points for anyone who knows what the Google search you can still see was about!)
LockCon #2, at HAR
Tuesday, August 18th, 2009
Got back yesterday from a sort of Busman’s Holiday. We took 6 days off and visited a really brilliant technology and security festival, held every 4 years in The Netherlands. The event is called Hacking At Random, and, as the name suggests, involved a lot of people sat behind computers in a field! However, it wasn’t just hacking servers and sniffing traffic in the virtual worlds, it also included a large section on the physical world, including the latest developments with rapid prototyping, UAVs and, of course, locks. Not forgetting a free toasti with a free domain name and socially-engineered T-shirt!
For me, highlights included the talk about breaking the key control on the EVVA MCS, possibly the world’s most secure magnetic lock, for less than the cost of one of the locks, and the use of a rapid prototyping machine to create a physical plastic copy of the Dutch & German police handcuffs. (If you know what this means, you can get the STL file from http://ke.y.nu and then 3D print your own!)
I gave my talk on British lever locks, which was well received, and a Dutch locksmith did a short hands-on picking session to demonstrate just how insecure the local 4 lever locks are. Ray gave his lecture and hands-on about handcuffs, which is always very popular, whilst many others learned that the basic first level of home security, the 5 pin cylinder lock, was, for the cheaper locks, not very secure at all.
Most mind-blowing, however, was the impressioning championship won by Jos. Impressioning is the art of making a key to an unknown lock. This is tricky but once you know how, do-able. It took me 63 minutes, and only half the competitors finished within the hour time limit. The winner, however, came in with a time of just 87 seconds! Put into context, that’s about 12.5 seconds per cut depth! To put it another way, once set up, I take about half that time to copy a key on my key machine, whilst Jos was using a hand file and did not know the key cuts, only the lock. You can see the video at BlackBag.
So, a great time was had by all. There were also some private learning sessions, covering various things, which I will not be mentioning here. But if you gave them, thanks! We all learned a lot.