A Digg copycat site – http://567gu.com/ has been leaked which looks and functions exactly like digg. But the only difference is when you will login to digg the story, your password will be sent to the hacker who will completely mess your account up.
How Does it Work?
You may receive messages via IM or via digg itself containing a link to a particular story. Sometimes we get so many of these everyday that we hardly look at the URL of the story. If its anything other than “digg.com“, I’d advice you not to click it.
If I randomly give you this link, you will open it without noticing the ‘address bar’. This is a FAKE digg page.
Since the page looks exactly like digg, its very easy for you to get fooled. I feel that this is even dangerous than the Twitter Phishing because – a social news site like digg involves more sharing of links. If you are active on Digg, I bet you have a lot of friends in your IM (e.g. Google Talk, AIM). One of them might be the Scammer who would want to pass you a fake digg page and ask for a digg. If you are careless and actually try to login and digg his post, he will get access to your actual digg account and use it for his own benefit.
So be aware! Pass this news to all your friends, because if they can compromise one of their accounts they might actually use their account to send the phishing message to you. And since you trust your friend, you might not actually bother to look at the address bar.
Here is the Whois Information
Organization : su yue bian
Name : suyuebian
Address : shanghaipudongtangqiao19B
City : shanghaishi
Province/State : Shanghai
Country : CN
Postal Code : 361009
The fake twitter site also has a similar whois info – Shanghai, China. Interesting!
Update: One of the commenter in this post is a strong believer that this is not a phishing site as both the site has the same IP. Well I was aware of that before posting this entry because the actual news originated here. And as you can see in the comments of that entry, a few of the diggers already pointed out well before that both the sites have the same Ip.
However I still find it risky and a possible phishing scam ‘attempt’. Here is why:
- Both digg.com and the domain in question – 567gu.com are on different name servers. So even though they are redirecting the requests to digg’s server ‘right now’, it not might be the case after an hour? Or tomorrow!
- Digg.com is working fine. Its not blocked by my ISP nor it has any other issues. So why would I take the risk of going to a 3rd party site and take my chances?
- Phishing is like ‘social engineering‘. Today they may be actually pointing to digg’s server, tomorrow they might point to a totally different location! User has no control over it, only the person who owns the domain will be able to control it – whenever he wants to!
- After what happened with twitter, I don’t think this is a co-incidence. If you are smart you should not take this ‘lightly’. Since the owner of the domain is in control, He can keep everything the way it is and simply point the ‘login page’ to another address to capture your password.
If you still want to go ahead and try your luck, Be my guest :)