Home » CenturyLink » Currently Reading:

Gone Phishing: Hackers Target CenturyLink With Authentic Looking Customer Portal Website – Customers Beware

Phillip Dampier February 11, 2010 CenturyLink No Comments

CenturyLink customers should exercise caution in responding to e-mail links to CenturyLink’s online account portal.  Hackers have meticulously duplicated the look and feel of the nation’s fourth largest phone company’s online account website with hopes customers will provide personal information that can be used for identity theft or fraudulent financial activity.

Trend Micro’s TrendLabs group warned readers it noticed the well-done phishing fakes popping up on several websites, preparing to collect information from unsuspecting customers.  Most phishing attacks typically start with unsolicited e-mail purporting to be from CenturyLink, with a convenient link included for customers to click.  Only this e-mail will not direct visitors to CenturyLink, instead diverting customers to the impostor websites that look like the real thing.

Customers can protect themselves from these phishing tricks and traps by following this advice:

  1. If receiving e-mail from a company asking you to follow a link to their website, you are safer typing in the company’s website address yourself, ignoring the link.  Links that look authentic in an e-mail can be anything but when you click on them.  If you intend to share personal information or password to log in to a website, it’s better to start your journey there yourself.
  2. If the site you reach shows an unexpected address in the URL window, that is often a warning sign trouble is brewing.  CenturyLink’s account login screen should display either https://auth.centurylink.net/saml/module.php/core/no_cookie.php?retryURL=https%3A%2F%2Fauth.centurylink.net%2Fsaml%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttp%253A%252F%252Fcenturylink.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fmetadata.php%252FClient%252FLibrary%252FSaml%252Fsaml-sp%26cookieTime%3D1521251419%26RelayState%3Dhttp%253A%252F%252Fcenturylink.net%252Flogin%252F or https://eam.centurylink.com/eam/login.do.  If it shows a series of numbers or a website address other than centurylink.com or centurylink.net, consider ending your visit and starting over at centurylink.com, typed into your browser yourself.  When in doubt, don’t enter your login information.
  3. A padlock should be visible somewhere in your browser at the CenturyLink login screen.  Most place the padlock at the bottom of the browser screen.  No padlock?  Danger.
  4. Any code errors on the page that show up should also be a point of concern along with spelling and grammatical errors.

In general, using up to date antivirus software and applying security patches regularly will offer some advance warning of a suspicious message.  But nothing beats common sense.

The authentic CenturyLink website. Notice the padlock circled on the right.

The fake version phishing for your personal information. Circled on the left is a warning of code errors on the page. On the right, notice the absence of a padlock icon.

Search This Site:

Contributions:

Recent Comments:

  • Paul Houle: I can believe in AT&T's plan, but not Comcast. For better or worse, AT&T is going "all in" on video and is unlike other major providers in ...
  • Phillip Dampier: Yes, that battle with Northwest Broadcasting, which also involved stations in Idaho-Wyoming and California, was the nastiest in recent history, with s...
  • Doug Stoffa: Digital takes up way less space than old analog feeds - agreed. In a given 6 MHz block, the cable company can send down 1 NTSC analog station, 2-4 HD...
  • Phillip Dampier: Digital video TV channels occupy next to nothing as far as bandwidth goes. Just look at the huge number of premium international channels loading up o...
  • Doug Stoffa: It's a bit more complicated than that. Television stations (and the networks that provide them programming) have increased their retransmission fees ...
  • Alex sandro: Most of the companies offer their services with contracts but Spectrum cable company offer contract free offers for initial year which is a very good ...
  • John: I live in of the effected counties, believe it or not our village is twenty three miles from WSKG Tower, approxiamately eighty miles from Syracuse, WS...
  • Wilhelm: I'm in the Finger Lakes where Spectrum removed WROC-8 last Fall, but we still get other Rochester channels, WHAM-13, WHEC-10 and WXXI-21. I have to wo...
  • dhkjsalhf: "Another classic case of businesses being much smarter than governments." I don't know whether this was sarcastic or not, but I feel it's a sentiment...
  • New Yorker: It makes no sense. I wonder sometimes if raising the limits on how much money rich people giving to candidates could make it more expensive to buy of...
  • New Yorker: Will New York go through with the threat? As an upstater I have seen infrastructure projects drag on in cost and time (eg. 1.5 yrs to repair a tiny b...
  • Matthew H Mosher: Another classic case of businesses being much smarter than governments....

Your Account: