SA-MP Forums Archive
SA-MP forum password phishing attempt? - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP (https://sampforum.blast.hk/forumdisplay.php?fid=3)
+--- Forum: General (https://sampforum.blast.hk/forumdisplay.php?fid=13)
+--- Thread: SA-MP forum password phishing attempt? (/showthread.php?tid=567059)


SA-MP forum password phishing attempt? - Pottus - 10.03.2015

After a search today I noticed there is a proxy site exclusively dedicated to linking to the SA-MP forums here is what was troubling and should be something everyone needs to look out for.

A picture of the site, as you can see a perfect immitation


Make sure that if your not logged the page your on is actually the genuine website.

Re: SA-MP forum password phishing attempt? - Kapersky™ - 10.03.2015

Thanks for informing.

EDIT: I guess, yes.

I wonder, they're using the backgroup from Nevada Roleplay, rofl.



Re: SA-MP forum password phishing attempt? - CalvinC - 10.03.2015

I've seen it as well, it's been up for some time, but no idea what it is.

Re: SA-MP forum password phishing attempt? - Tamer - 10.03.2015

sa-mp.com should acquire an SSL certificate, also game-mp.com

Yeah It's a bit off topic, but just throwing this here.

Re: SA-MP forum password phishing attempt? - Abagail - 10.03.2015

The weird thing is that it shows the up-to-date posts... I wonder if it's actually getting the data directly from sa-mp.com and serving as an iframe or using some other method.

Re: SA-MP forum password phishing attempt? - Samp_India - 11.03.2015

Quote:
Originally Posted by Abagail
View Post
The weird thing is that it shows the up-to-date posts... I wonder if it's actually getting the data directly from sa-mp.com and serving as an iframe or using some other method.
Its a Reverse proxy.
Quote:

In computer networks, a reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers. These resources are then returned to the client as though they originated from the proxy server itself.
http://en.wikipedia.org/wiki/Reverse_proxy

Re: SA-MP forum password phishing attempt? - Parallax - 11.03.2015

Quote:
Originally Posted by Tamer
View Post
sa-mp.com should acquire an SSL certificate, also game-mp.com

Yeah It's a bit off topic, but just throwing this here.
No need to do so. It's the victim's fault for not being cautious and getting their account compromised.

Re: SA-MP forum password phishing attempt? - rymax99 - 11.03.2015

SSL only mitigates MITM attacks.

Re: SA-MP forum password phishing attempt? - Khanz - 11.03.2015

Quote:
Originally Posted by Parallax
View Post
No need to do so. It's the victim's fault for not being cautious and getting their account compromised.
That's a really stupid argument, the site owner should do their bit too, a SSL certification isn't hard to obtain.
SSL can also help to protect when connecting to insecure networks.

Re: SA-MP forum password phishing attempt? - KayJ - 11.03.2015

Quote:
Originally Posted by Samp_India
View Post
I think that might be a reason, happens to me also