Flutterby™! : Phishing

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics


2009-08-04 15:03:56.679549+00 by Dan Lyke 3 comments

Argh. A week or two ago my DSL modem died. I went and got the best one Staples had in stock, which sucks and lacks features I need, and after recovering my password from AT&T I plugged it in and got some set of redirects asking me to download and run files from a domain that didn't look anything like anything like ATT.net.

I used my iPhone's net connection to verify that this is what I should be doing, and cursed their name, but...

Just got a call from someone who's going through the same thing with Comcast. She got a redirect and a request to download a file from some HTTP address at "comcastonline.com". Sounds kinda like phishing to me, so I "whois comcastonline.com" and see that the registrar is "CORPORATE DOMAINS, INC" and the Administrative and Technical contact is "Corporation Service Company / Domain Administrator".

The DNS servers for that domain are comcast.net, so I told her she should download and run it, but...

Is it that big company network admins are deliberately colluding with scammers to try to get users used to dodgy network and security practices? This sort of crap is horrendous, I guess it's too hard to do things right within their network environments, but still...

[ related topics: broadband Economics iPhone ]

comments in ascending chronological order (reverse):

#Comment Re: made: 2009-08-05 20:23:01.722721+00 by: spc476

Perhaps I'm missing something, but why would you need to run some piece of software on your computer to use a bridge (or router)? Am I SOL because I won't run Windows on my home network?

#Comment Re: made: 2009-08-05 21:43:46.227989+00 by: Dan Lyke

I think they both use those stupid things to set up PPOE, and they have some sort of autodetect to configure many routers/modems. I don't know, mostly I think it's an excuse for the various ISPs to try to sneak malware like the Yahoo Toolbar on to my Windows box. Sigh.

#Comment Re: made: 2009-08-09 03:24:15.147487+00 by: radix

Sometimes users are really just that clueless. The AT&T thing is an IE-based connection to the AT&T standard DSL router to set PPoE. The last time I reset my pw the tech tried to get me to start that routine. I told him I used a DD-WRT Linksys to terminate my PPoE and that I had already reset it and it was working. He actually returned to script and I just said, "Take the win, close the ticket" which finally got through.