Yesterday I was doing a search on Google for a person. One of the search results was a link for Facebook. When I clicked on the link I was take to a page that looked like Facebook but actually wasn't. When I click again I was asked to login. I thought this was strange because Facebook usually doesn't make me log in. I looked at the address line and it showed facebook*com*urrsa2*com (with dots instead of asterisks). I was taken aback. I did a search for this domain using the site qualifier in Google and found no less than 137,000 pages in the index. That looks phishy.
I did some testing. You can type in any domain in front of that domain and it will show you the page in question. Visiting the main page just shows a sad looking page -- not very professional if it is legit.
I checked the whois data for that domain and it also looks phishy. It is using a Dynamic DNS service and the registrant address is "One Microsoft Way". So either its a scam or Microsoft has gotten really sloppy about their proxy service.
I use OpenDNS but they had not yet blocked this domain. I attempted to report it to them and they referred me to phishtank.com who had no record of the domain.
On OpenDNS I was able to block the domain so my home is protected. Consider this a warning.
Comments
The results count for today is only 143,000 hits in Google.
Some of the top hits are "the official website of the Government of the District of Columbia", "Tennessee Department of Human Services", Photobucket, and Facebook.
Am I the only one who sees a problem with this?
This could be nasty if the bad domain were entered in the Search Domains field of your networking setup.
Post new comment