U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Internet
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 08-09-2011, 06:47 PM
 
16,308 posts, read 25,262,012 times
Reputation: 8302

Advertisements

Is Your Credit Card Stolen? Check for free!

Test yours
Reply With Quote Quick reply to this message

 
Old 08-09-2011, 07:11 PM
 
Location: Tucson for awhile longer
8,874 posts, read 13,808,549 times
Reputation: 29048
Ah, no thanks. You might be perfectly on the up and up, but when I see links like this, my antennae go up.
Reply With Quote Quick reply to this message
 
Old 08-09-2011, 07:57 PM
 
16,308 posts, read 25,262,012 times
Reputation: 8302
You passed, wonder how many won't.

OBTW, the site is harmless
Reply With Quote Quick reply to this message
 
Old 08-09-2011, 08:00 PM
 
Location: The Southern Sac's, NM
1,872 posts, read 2,992,996 times
Reputation: 2888
McAfee TrustedSource web reputation analysis found potential security risks with this site. Use with extreme caution.
(Phishing or other scams)

ismycreditcardstolen.com | McAfee SiteAdvisor Software
Reply With Quote Quick reply to this message
 
Old 08-09-2011, 08:22 PM
 
2,182 posts, read 4,706,159 times
Reputation: 1206
Quote:
Originally Posted by RanchoNan View Post
McAfee TrustedSource web reputation analysis found potential security risks with this site. Use with extreme caution.
(Phishing or other scams)

ismycreditcardstolen.com | McAfee SiteAdvisor Software
ya think?
Reply With Quote Quick reply to this message
 
Old 08-09-2011, 08:56 PM
 
Location: Barrington, IL area
1,594 posts, read 2,680,946 times
Reputation: 4950
Hahaha, nice try.
Reply With Quote Quick reply to this message
 
Old 08-09-2011, 09:11 PM
 
Location: Silicon Valley
3,685 posts, read 8,494,847 times
Reputation: 2978
Some comments from the page's source:

Quote:
<!--
This site is intended to be a lesson for people who are susceptible to getting
phished. The goal here is for no credit card information to ever be sent across
the wire. To accomplish this, all credit card info is outside the form. That
way, clicking on the submit button doesn't submit any credit card info.
Godaddy was smart enough to detect some evil keywords in the domain and require
a human being to look at the site. If you are reading this, Godaddy: Our
intention is to educate and inform people of phishing, in a particularly
memorable way:
http://ismycreditcardstolen.com/anti-phishing.jpg
BTW there is no form validation so just click the submit button if you want to
see the "you have failed" message, visible here:
Tsk tsk tsk
-->
I looked at the source and the comments are correct. Anything you enter is NOT submitted.
Reply With Quote Quick reply to this message
 
Old 08-09-2011, 10:35 PM
 
40,182 posts, read 41,790,512 times
Reputation: 16740
I wouldn't call it perfectly safe, it's non https page. Unlikely but the HTML can be hacked in transit to the user.

Probably the bigger issue is if the page gets changed in the future. Suppose this is a long term strategy and years down the road they change it so it does collect data. They'll have thousands of links going to it that were created when the page was safe. Same thing if the domain expires and someone unscrupulous obtains the domain. The server could get hacked..... Actually a lot of potential risk involved with it.

Last edited by thecoalman; 08-09-2011 at 11:04 PM..
Reply With Quote Quick reply to this message
 
Old 08-09-2011, 10:54 PM
 
16,308 posts, read 25,262,012 times
Reputation: 8302
Quote:
Originally Posted by thecoalman View Post
I wouldn't call it perfectly safe, it's non https page. Unlikely but the HTML can be hacked in transit to the user.

Probably the bigger issue is if the page gets changed in the future, for example this could be long term strategy. 2 years down the road they have thousands of people linking to it but now the page does collect data. Same thing if the domain expires and someone unscrupulous obtains the domain.
There is a wild assumption, so if it were https you would consider it safe
Reply With Quote Quick reply to this message
 
Old 08-09-2011, 11:10 PM
 
40,182 posts, read 41,790,512 times
Reputation: 16740
Quote:
Originally Posted by Asheville Native View Post
There is a wild assumption, so if it were https you would consider it safe
The only one making an assumption is yourself. I wouldn't consider it safe at all just because it's https, I'm well aware of how easy it is to obtain a certificate since I have my own. The point I'm trying to make is this page has many possible ways it could potentially be exploited.


---------edit---------
You understand what I'm saying about the https? This has nothing to do with submitting the data over a secure connection but the page being hijacked in transit before it gets to the end user in which case it could be altered so it does submit data.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Internet
Follow City-Data.com founder on our Forum or

All times are GMT -6. The time now is 06:35 AM.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top