Phishing Attempt on Traderji - Pls read

[beginner_av]

With due respects, I do not believe getting the IP address is even considered as hacking and the person who does it as a hacker, if that is what you two proclaim to be.
If you do consider yourselves professional hackers, my ID is open!
Nothing can be done with the IP, except to find out in which city (very often, it is only state, not even city) the person resides.


I do not think phishing by itself is punishable under the Indian law (correct me). Only if a fraud arises from phishing, action can be taken. Legal action otherwise would be futile!


Firewall monitors only inbound and outbound network traffic and help prevent attacks from remote sources. It will not assist you if you are careless to give away your password and id. Unless the hacker has superior technology (which the amateur hackers, constituting significant % of the hacker population, don't usually have), it is not possible to hack your, provided of course that you don't leak it out by your carelessness.

I dare not accept your challenge Sir! Check this out. http://www.ipaddresslocation.org/ from your PC
And yes if I know what you are using, I have more focused tools to breach you.
BTW if u visit some phishing site or any other "drive by" site u stand the risk of spyware/trojan infection or XSS etc script attacks.
ANd if I know your IP it is all the better to probe a lil more with Pings for some open and unsecure ports or flood your system with DOS etc.

 

[n00b]

You can do all that if you know the IP address of the user's PC. All IP address reporting sites give you the IP address of your ISP's router, not the private IP of the user. So finding the IP is no big deal, no threat. You have NAT, and the incoming attacks on the router have no idea about where to forward the attack to.

Yes, if you are hosting a website or something with a static public IP, then its a different story.

Anyway, this isn't a techie forum, I don't think these details should be discussed here.

 

[krishna23]

damn just got back frm a vacation and i fall prey to this
newayz changed my pass as soon as i saw this thread!

 

[oxusmorouz]

May be ur right Oxy,...
Ur unhackable. n one more thing .. i didnt claim i m a hacker. I dont know how to hack or crack. I just know about comp is how to turn on , use my trading softwares , starting my trading plateform and surf traderji. and then shut it down at end of the day.
but i know u know to hack .
lol...
Regards,..
Darsh.

Alas, I know very little about hacking but I reasonably do know how to protect myself from being hacked. Maybe they go hand in hand!

BTW if u visit some phishing site or any other "drive by" site u stand the risk of spyware/trojan infection or XSS etc script attacks.
ANd if I know your IP it is all the better to probe a lil more with Pings for some open and unsecure ports or flood your system with DOS etc.

As you said BAV, unless the security vulnerability in the system is known, it is quite impossible to lay siege to it. The script attack should be easily countered by a good anti-virus/anti-spyware internet monitoring system. Even if the malicious program is one of a kind, its behavior can/should be sensed by any good anti-malware program and action taken immediately!

 

[shrinivas]

yes i sent u that rep point to hack into your system! and i specifically put a comment so that u know who sent it!

oh really...but all my ids and passwords are different as from traderji...

 

[securitiescwa]

Sir Plz
Help Me,
How can read Inbox Post
Plz help Me

 

[chandeshwar1963]

I got a PM from saurabh_forever like this:

plz help me out
http://www.traderji.com/investors-grieviences/19875-broker-sold-my-shares-without-consent.html

but the url was actually http://traderji.freeweb7.com/investors-grieviences/19875-broker-sold-my-shares-without-consent.html

Which asked for id/pass when opened.

Pls do not provide ur user id / pass there.
I have also sent this to admin via 'contact us' link.

Such members should be banned and ip put in blacklist. Silly Phishers.

This PM was also sent to Recipients: abhishekdeshpande, cadipakarora, dilip2k, DWeeP, ford7k, pmotewar, rakamaka, skulk, swagat86
and probably others too. so these people change id/pass immediately.

For those who are new to word phishing: http://en.wikipedia.org/wiki/Phishing



Thanks.
-Dweep

Thank u for warning the community.

 

[linuxguy]

First of all thank you for sending the alert signal. I signed in to traderji (or any other forum) only once and selected " remember my id and password" so I dont have to enter my ID and pass again.

Such members should be banned and ip put in blacklist.

I think we have static (sorry....dynamic) IPs so whats the point in blacklisting that random IP?