5,814,863 Members 48,818 Now Online
XDA Developers Android and Mobile Development Forum

[Q] How do phishing sites work?

Tip us?
 
guy48065
Old
(Last edited by guy48065; 21st August 2014 at 05:45 PM.) Reason: Added screenshots & links
#1  
Member - OP
Thanks Meter 0
Posts: 34
Join Date: Dec 2013
Location: MI
Question [Q] How do phishing sites work?

...and are they browser-specific?
Three days ago I installed UC Browser (standard version, downloaded from the Play Store) to give it a spin (SGS3 i747 running 4.3). After importing all my bookmarks I visited Paypal. After the login page when using the native browser, Firefox or Dolphin I've always seen the same mobile version of their summary page but this time I got a very different stripped-down page with a big "Get the Paypal App" button on the top. I figured it was just a marketing thing. To get past that it had a 2nd login area. After sending my info it did show my account balance but everything else was the same on that sparse page--including the lack of transactions, links to details, functions & features, etc, etc. Now I had the uneasy feeling I had been scammed so I transferred most of my money out and changed my PW.

Why would I get re-directed to a phishing site ONLY when using UC Browser and always inputting the correct URL?
I notified my friend that recommended the app and he also got the bogus-looking login page--and he's using the HD version of the browser.

I haven't gotten a response from Paypal and after posting a bad review on the Play Store the developer only suggested I block the site with a plugin. That doesn't seem to address the issue.

I'm assuming UC Browser isn't evil--but could the version (9.9.2, 8/12/14) in the Play Store be hacked?

Post-login page links (correct, suspicious):

https://www.paypal.com/myaccount/home
https://mobile.paypal.com/us/cgi-bin...apapp-homepage
Attached Images
File Type: jpg paypal_Dolphin.jpg - [Click for QR Code] (205.7 KB, 7 views)
File Type: jpg paypal_UC.jpg - [Click for QR Code] (192.0 KB, 7 views)
Galaxy S3
Recent Net10 refugee now on AT&T
 
guy48065
Old
#2  
Member - OP
Thanks Meter 0
Posts: 34
Join Date: Dec 2013
Location: MI
Bump-- need help understanding so I can protect myself.
... also doesn't hurt to warn others this might be a bad app.
Galaxy S3
Recent Net10 refugee now on AT&T
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes