Phishing Site? - DFWstangs Forums
 
LinkBack Thread Tools Display Modes
post #1 of 8 (permalink) Old 12-18-2006, 02:25 PM Thread Starter
We lost one.....
 
Mychael101's Avatar
 
Join Date: Jun 2001
Location: Red Oak TX
Posts: 6,415
Phishing Site?

I think I have something messed up on my comp. I've ran several virus/malware/spyware scans in safe mode and I can't find anything. Anytime I want to browse over to chase's website it starts to load it and then instead of the normal www.chase.com it very quickly shows https:mfasa.chase.com/login.html, WTF is this and how do I get rid of it if its not supposed to be there?
Mychael101 is offline  
Sponsored Links
Advertisement
 
post #2 of 8 (permalink) Old 12-18-2006, 04:57 PM
Time Served
 
Join Date: Apr 2005
Location: Longview, TX
Posts: 554
Quote:
Originally Posted by Mychael101
I think I have something messed up on my comp. I've ran several virus/malware/spyware scans in safe mode and I can't find anything. Anytime I want to browse over to chase's website it starts to load it and then instead of the normal www.chase.com it very quickly shows https:mfasa.chase.com/login.html, WTF is this and how do I get rid of it if its not supposed to be there?
I just went there and it shows Http://mfasa.chase.com/auth/login.html for a split second..go figure...
Snake007 is offline  
post #3 of 8 (permalink) Old 12-18-2006, 11:37 PM Thread Starter
We lost one.....
 
Mychael101's Avatar
 
Join Date: Jun 2001
Location: Red Oak TX
Posts: 6,415
So is that ok???
Mychael101 is offline  
post #4 of 8 (permalink) Old 12-18-2006, 11:53 PM
Kill!
 
usmcluke's Avatar
 
Join Date: Aug 2005
Location: TEXAS!!!
Posts: 7,173
I know you have have had some identity theft woes so I understand your concern but that page is owned by chase. mfsaa I am sure is what concerns you but that is followed by .chase.com (actually Bank One but same thing), the mfsaa is a smaller part of the larger chase.com domain. If you really are concerned about you computer and think that you have been hacked. Disconnect it from the the internet, and rebuild it, using your recovery CD. If you don't have the technical know how to accomplish that, post up asking for help there are a lot of us who can show you what to do.

New site!

http://www.gearheadsperformance.com

Quote:
Originally Posted by 5.0_CJ
I have my windows open, started to smell like someone shit on my window ledge, realized it was the pungent stench of socialism. Sorry if there is any typos in this post, hard to read shit through this gas mask.
usmcluke is offline  
post #5 of 8 (permalink) Old 12-19-2006, 01:53 AM Thread Starter
We lost one.....
 
Mychael101's Avatar
 
Join Date: Jun 2001
Location: Red Oak TX
Posts: 6,415
I didn't have a recovery cd but I have an hp comp and I just used the recovery tools they provide. Its pretty much the same as the system restore. There is an option for destructive recovery that will return it to the way it was shipped from the factory and I will lose all data. I may do that after I transfer all the data I want to hold on to.
Mychael101 is offline  
post #6 of 8 (permalink) Old 12-19-2006, 09:03 AM
Googlist-Wikipedian
 
Hunt4m3x's Avatar
 
Join Date: Jul 2002
Location: de_aztec
Posts: 4,814
I bet it is checking that you aren't getting the man in the middle attack or ARP attacks. Or checking for phishing tools.

I know Risk did it on his network and Bank of America Denied his access because "someone" (him) was running ARP attack on his network.

Basicly, steals your username/passwords.


The site is owned by Chase tho. Nothing to worry bout.

2005 Infiniti G35 Sedan Ivory Pearl Premium

2006 Infiniti FX45 Liquid Platinum

2010 Polaris Ranger RZR S Orange Madness







Ban count: 2
Hunt4m3x is offline  
post #7 of 8 (permalink) Old 12-19-2006, 10:20 AM Thread Starter
We lost one.....
 
Mychael101's Avatar
 
Join Date: Jun 2001
Location: Red Oak TX
Posts: 6,415
Well that basically eliminates the only way I could think of that would allow someone to get my debit/credit card information. But its good to know that my comp is secure.
Mychael101 is offline  
post #8 of 8 (permalink) Old 12-19-2006, 04:55 PM
El Camino
 
Stang2be's Avatar
 
Join Date: Sep 2003
Location: in front of the keyboard
Posts: 3,432
Quote:
Originally Posted by Hunt4m3x
I bet it is checking that you aren't getting the man in the middle attack or ARP attacks. Or checking for phishing tools.

I know Risk did it on his network and Bank of America Denied his access because "someone" (him) was running ARP attack on his network.

Basicly, steals your username/passwords.


The site is owned by Chase tho. Nothing to worry bout.
ARP is layer 2 and that would only work possibly if you were on comcast/tw and someone decided to arp poison the gateway. Even then the provider should be able to detect/prevent this if they so choose.

I have never tried this on comcast/time warner but have demo'd this at my previous job to show it is possible to sniff traffic on a switched network.

2007 Taurus SEL - daily driver
1974 El Camino SS - 400sb

Quote:
Originally Posted by purrrfectstang
Umm.. what is the ID-10T settings?
Stang2be is offline  
Sponsored Links
Advertisement
 
Reply

Bookmarks

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the DFWstangs Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome