[SC.LUG] RE: [man-lug] Email Scam Alert

Simeon swfarrington at beeb.net
Sat Nov 8 18:22:34 GMT 2003


Hi Ted

That's really scary actually - I'd not seen that one before but will
be more vigilant in the future (not that I'm a Lloyds customer but it
looks a fairly easy trick to do and catch people out).

Simeon

On 06-Nov-03 Frank Mitchell wrote:
> Dear LUGs,
> 
> I thought I'd alert you to a Bogus Email I received recently.
> Apparently it's from Lloyds TSB, even though I'm not a Lloyds
> Customer. So I phoned Lloyds, who confirmed it wasn't theirs, though
> they were aware of it.
> [...]
> link (or if you use AOL), copy and paste the link into
> the address bar of your web browser.
> 
> http://www.lloydstsb.com:ac-x6LC0IQr2aBda1XBALgF@LlOyDsG.dA.rU/?LdZJtDp
> 
> --------------------------------------------
>        Thank you for using Lloyds!
> --------------------------------------------

The trick here is the following. In a URL, if there's an "@" in what
follows http:// then only what comes after the "@" is treated as the
real URL. So in connecting to the above, you would be connected
directly to

  LlOyDsG.dA.rU/?LdZJtDp

(which would of course present itself as a simulacrum of the Lloyd's
web page). The "/www.lloydstsb.com..." at the beginning is a total
dummy and its sole purpose is to make people think that they are
connecting to the real Lloyds site.

Since not many people are aware of this, and since very few not
aware of it are going to risk their eyesight by scrutinising every
character and even then have to suss out what's going on with
"LlOyDsG.dA.rU", this is a pretty cunning deception.

Ted.





More information about the SC mailing list